Veeam SIEM logs

jround · Apr 27, 2022 4:17 pm

Does Veeam B&R provide the functionality to export logs to a SIEM system (We have recently implemented Logpoint) other than the basic ones logged under Windows Event Viewer?

We are currently running Veeam v10, not sure if v11 offers anything different

Apr 27, 2022 5:01 pm

As far as I am aware there is no export option to SIEM or others like that. You can export logs but it is exported to ZIP format for attaching to cases, etc.

Would be very interesting to have this though.

Post by **HannesK** » Apr 28, 2022 6:45 am this post

Hello,
what software are you using? Does that software have some "log file agent" that can just send everything from c:\programdata\veeam\... to your software? I used filebeat some time ago and would assume that similar options exist "everywhere".

Best regards,
Hannes

Apr 28, 2022 12:36 pm

That is interesting and will check out that app. Need to find a way to move logs and this might be it.

wishr · Apr 28, 2022 12:41 pm

Hi Chris,

Currently, there is no interface allowing you to get a complete security-related data, but this is something we are keeping in mind for the next product versions.

Thanks

Apr 28, 2022 12:43 pm

That is great to hear. If this app works to get some logs over to a server to analyze that works for me for now. I typically use the log location anyway to look in to when I need.

wishr · Post by **wishr** » Apr 28, 2022 12:48 pm this post

Chris,

You should be good because as far as I see Logpoint is capable of consuming Windows Event Logs and for us it's a go to interface to providing that type of data.

The solution Hannes mentioned above may also work, but you may need to configure rules and parsing on your own to get security-specific information from the generic text logs. Also, keep in mind that we can change text logs in any version, which may break the existing rules.

Thanks

Apr 28, 2022 1:17 pm

Thanks. I will look in to Logpoint as well.

Post by **HangTen** » Jul 04, 2023 4:15 pm this post

Hello. I just found this thread and am looking to see if the answers have changed in the past year. Thanks.

Jul 04, 2023 5:09 pm

Hello, we're working on adding syslog integration in the next minor release. Thanks!

Jul 04, 2023 5:50 pm

That is going to be great Gostev. Looking forward to that for sure.

haarloser · Post by **haarloser** » Oct 11, 2023 12:08 pm this post

Gostev wrote: ↑Jul 04, 2023 5:09 pm Hello, we're working on adding syslog integration in the next minor release. Thanks!

Any idea when this will be released?
Kind Regards

Oct 12, 2023 12:04 am

We plan to ship it before the end of this year.

Post by **eeberg** » Mar 22, 2024 4:00 pm this post

FYI to close the loop: syslog support shipped in 12.1 on December 5, 2023. Details and release notes available in KB4510: Release Information for Veeam Backup & Replication 12.1 and Updates.

Other details are available in a new section of the user guide.

R&D Forums

Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Re: Veeam SIEM logs

Who is online