If your organization uses a Syslog server product such as Splunk, that's what the host would be. Here's an example of what I'm using. The values of those keys should be provided by whoever manages your syslog server.
<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
    <key>DockToggleTimeout</key>
    <integer>30</integer>
    <key>RemoteLogging</key>
    <dict>
        <key>EnableTCP</key>
        <false/>
        <key>ServerAddress</key>
        <!-- Placeholder: replace with your syslog server's hostname or IP address, without the quotes -->
        <string>"Your Server Here"</string>
        <key>ServerPort</key>
        <!-- Placeholder: replace with the port number as a bare integer; the plist will not parse with text here -->
        <integer>"Your Port Here"</integer>
        <key>ServerType</key>
        <string>syslog</string>
        <key>SyslogOptions</key>
        <dict>
            <key>MaximumMessageSize</key>
            <integer>1024</integer>
            <key>LogSeverity</key>
            <integer>0</integer>
            <key>LogFacility</key>
            <integer>0</integer>
        </dict>
    </dict>
    <key>RequireAuthentication</key>
    <true/>
    <key>ReasonMinLength</key>
    <integer>10</integer>
    <key>ReasonRequired</key>
    <true/>
    <key>LimitToUser</key>
    <string>$USERNAME</string>
</dict>
</plist>
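A pre-deployment check for the RemoteLogging block above, as an added example that is not part of the original post or of the tool's own code. It assumes LogFacility and LogSeverity use the standard RFC 5424 numeric codes; the hostname and port in the sample are constructed, and `check_remote_logging` is a hypothetical helper name.

```python
import plistlib

# Constructed sample using the RemoteLogging keys from the post; the address
# and port are made-up stand-ins for the values your syslog admins provide.
SAMPLE = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0"><dict>
  <key>RemoteLogging</key>
  <dict>
    <key>EnableTCP</key><false/>
    <key>ServerAddress</key><string>syslog.example.internal</string>
    <key>ServerPort</key><integer>514</integer>
    <key>ServerType</key><string>syslog</string>
    <key>SyslogOptions</key>
    <dict>
      <key>MaximumMessageSize</key><integer>1024</integer>
      <key>LogSeverity</key><integer>0</integer>
      <key>LogFacility</key><integer>0</integer>
    </dict>
  </dict>
</dict></plist>"""

# RFC 5424 names: severities 0-7, and a subset of the facility codes.
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]
FACILITIES = {0: "kern", 1: "user", 3: "daemon", 4: "auth", 10: "authpriv", 16: "local0"}

def check_remote_logging(plist_bytes):
    """Return (PRI value or None, list of findings) for a RemoteLogging dict."""
    try:
        cfg = plistlib.loads(plist_bytes)
    except Exception as exc:  # e.g. quoted placeholder text left inside <integer>
        return None, [f"plist does not parse: {exc}"]
    remote = cfg.get("RemoteLogging", {})
    opts = remote.get("SyslogOptions", {})
    findings = []
    port = remote.get("ServerPort")
    if isinstance(port, bool) or not isinstance(port, int) or not 1 <= port <= 65535:
        findings.append("ServerPort must be an integer from 1 to 65535")
    if not str(remote.get("ServerAddress", "")).strip('" '):
        findings.append("ServerAddress is empty")
    fac, sev = opts.get("LogFacility"), opts.get("LogSeverity")
    if fac not in range(24) or sev not in range(8):
        findings.append("LogFacility must be 0-23 and LogSeverity 0-7")
        return None, findings
    if sev <= 2:  # emerg, alert and crit are the three most urgent levels
        name = f"{FACILITIES.get(fac, fac)}.{SEVERITIES[sev]}"
        findings.append(f"events will arrive as {name}; confirm with the syslog admins")
    return fac * 8 + sev, findings  # PRI = facility * 8 + severity
```

With facility 0 and severity 0 the PRI is 0, which a receiver following RFC 5424 reads as kern.emerg.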
Any alternatives that you think would work great for this? We don't use Splunk :(
Does your organization currently have a functioning syslog server or SIEM? If so, the administrators of that server can provide you the necessary hostnames and severities. If not, and you have the cycles to provision and manage your own, I'm sure there are plenty of available resources online. You can still use this tool without the logging if your organization doesn't have an existing logging policy.
Can someone help me find where I should paste my own configuration?