Syslog Access List
In the section Lists > Syslog List, the system displays the complete list of Syslog logs acquired.
Each row represents an event received from remote devices configured to send their logs to the BusinessLog server.
For each event, the table shows the main information: date and time, category, source, IP address, user, processing status, and any alerts or critical issues.

Syslog Configuration Assistant
This function, based on Artificial Intelligence, assists in configuring network devices to send Syslog logs to the BusinessLog server.
It is enough to specify the brand, model, and firmware version of the device: the system automatically generates detailed instructions for enabling the Syslog service and correctly transmitting logs to BusinessLog.

The response can be printed or exported as a PDF by clicking [Print].

From the command bar, several automatic analysis functions are also available:

Explain selected log: this function uses a semantic analysis engine powered by Artificial Intelligence to automatically interpret the content of a single Syslog event.

The system analyzes the message and provides a detailed explanation divided into sections:
- What happened: describes the detected event in natural language, indicating the user, device, and technical context (e.g., accesses, errors, or modifications).
- Why it matters: explains the relevance of the event, highlighting risks, vulnerabilities, or security implications.
- Actions: suggests recommended checks or verifications for managing the event or resolving the issue.

When specific information is not available for a given event, the Wiki tab displays the technical details of the event ID, along with possible alternative actions or directions for further investigation.


The explanation can be printed or saved using the commands available at the bottom of the window.

AI Analysis: this function uses an Artificial Intelligence model to automatically analyze the collected logs and identify abnormal behaviors, recurring patterns, or potentially suspicious activities.
The system processes the recorded data and presents the results in a summarized form, classifying events by type of anomaly and risk level.

For each event, the following information is displayed:
- Details: technical information (event ID, area, and source device).
- Relevance: explains why the log is considered significant or potentially critical.
- ML Indicator: highlights the detection criteria applied by the machine learning engine.
- Actions: provides operational suggestions for verification and mitigation.

The results can be saved or printed directly from the window for later consultation or archiving.

SysList Analysis: this function performs an in-depth processing of the collected logs, generating an automatic technical report in SOC (Security Operations Center) style.
Its goal is to identify critical or potentially harmful events, highlighting their importance and the recommended actions for operational management.

The report is organized in columns for easy reading:
- Date / Time: the moment when the event was recorded.
- Line: the technical detail of the original log.
- Why it matters: explains the significance of the event, indicating the type of risk (e.g., detected threat, service interruption, known vulnerability).
- Action: suggests the steps to take for verification, mitigation, or resolution of the issue.

Each analysis report can be saved or printed to document the investigations carried out or to share the findings with the SOC team.