When you configure Comodo Antivirus to send log data to USM Appliance, you can use the Comodo Antivirus plugin to translate raw log data into normalized events for analysis. The table below provides some basic information for the plugin.
| Device | Details |
|---|---|
| Vendor | Comodo |
| Device Type | Antivirus |
| Connection Type | Syslog |
| Data Source Name | Comodo-antivirus |
| Data Source ID | 1562 |
Integrating Comodo Antivirus
Before you configure the Comodo Antivirus integration, you must have the IP Address of the USM Appliance Sensor.
To configure Comodo Antivirus to send Syslog messages to USM Appliance
- From the Comodo IT and Security Manager console, navigate the Comodo Client Security interface and select Advanced Settings > General Settings > Logging to display the Logging tab page.
- Select the Write to syslog server (CEF format) check box.
- In the Host field, enter the USM Appliance IP address or hostname.
- In the Port field, specify 514.
- Save your changes.
Plugin Enablement
For plugin enablement information, see Enable Plugins.
Additional Resources and Troubleshooting
https://help.comodo.com/topic-399-1-790-10354-.html
For troubleshooting, refer to the vendor documentation:
Feedback