Comodo Antivirus

When you configure your Comodo Antivirus to send log data to USM Appliance, you can use the Comodo Antivirus plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin.

Plugin Information
Device Details
Vendor Comodo
Device Type Antivirus
Connection Type Syslog
Data Source Name Comodo-antivirus
Data Source ID 1562

Integrating Comodo Antivirus

Before you configure the Comodo Antivirus integration, you must have the IP Address of the USM Appliance Sensor.

To configure Comodo Antivirus to send Syslog messages to USM Appliance

  1. From the Comodo IT and Security Manager console, navigate the Comodo Client Security interface and select Advanced Settings > General Settings > Logging to display the Logging tab page.

  2. Select the Write to syslog server (CEF format) check box.
  3. In the Host field, enter the USM Appliance IP address or hostname.
  4. In the Port field, specify 514.
  5. Save your changes.

Plugin Enablement

For plugin enablement information, see Enable Plugins.

Additional Resources and Troubleshooting

For troubleshooting, refer to the vendor documentation: