Integration security events via syslog into a SIEM

I would like to reiterate the Parallels Remote Application server logging requirements & integration with our existing Log collectors & SIEM platform.
As part of a usecase requirements, we need to integrate all the security event logs captured from parallels solutions (which includes all components - Remote Application servers, High Availability Load balancer, Secure gateway etc) into a SIEM. Can you please check if it is possible to use the syslog integration features. Expect the following security event logs (located in %ProgramData%\Parallels\RASLogs\)

• Publishing Agent Logs
• Installer Logs
• RDSH Agent logs
• Server Logs
• Client Logs

should be integrated via syslog into a company SIEM.
This would make the Integration easier, otherwise we have to use a additional tool for the integration.

 

I strongly agree. Not being able to easily ingest the logs to syslog in the current threat landscape is dangerous.
Have raised this feature request earlier, but not heard anything yet..
also, being able to show authentication logs in the console would be great. Today, you see all current sessions from the RDSH side, but nothing really from the gateway or loadbalancer side. being able to catch missed logins, wrong passwords or attempted spray attacks could give early warning on dangerous activity.

 

Thank you for raising this. We understand the importance and noted it for consideration in a future release.