TroutTrout

Log Forwarding and SIEM Export

Forward Access Gate's alerts, flows, and audit events to your SIEM over syslog.

1 min read · Last updated 2026-04-22

Access Gate generates detections based on behaviors and a set of rules that can be configured in Rules menu.

Rules menu in Access Gate showing the Configure Forward button
Rules menu in Access Gate showing the Configure Forward button

Syslog Destination

Access Gate sends events over syslog via TCP. Most SIEMs accept this out of the box: Splunk, Elastic, QRadar, and Sentinel (via its syslog connector) all work without custom integration.

Configure a syslog destination
  1. Navigate to Rules → Configure Forward.
  2. Enter the hostname/IP, port (514 for example), and transport.
  3. Pick which rules to send to this destination by ticking rules in the list
Configuring the Forwarder
Configuring the Forwarder