IP Addresses for Syslog Forwarding
Focus
Focus
Enterprise DLP

IP Addresses for Syslog Forwarding

Table of Contents


IP Addresses for Syslog Forwarding

Allow the IP addresses required to forward DLP incident syslogs from Enterprise Data Loss Prevention (E-DLP) to manage and create workflows.
Allow the following IP addresses on your network to successfully forward Enterprise Data Loss Prevention (E-DLP) incidents syslogs to your third-party security information and event management (SIEM), Security Orchestration, and Response (SOAR), or other automated ticketing systems. This enables your SOC Analysts and Incident admins to effectively triage, review, and resolve data security risks that occur in your organization. To forward DLP incident syslogs, the IP addresses you need to allow access for are dependent on region or zone where the file will be scanned by Enterprise DLP.
Evidence Storage and Syslog Forwarding require you allow the same IP addresses on your network. You don't need to allow any region-specific IP addresses for Syslog Forwarding if already allowed for Evidence Storage.
RegionIP Address
APAC13.228.151.58
52.74.82.77
Australia
13.54.198.248
52.63.9.154
Canada
15.222.125.234
99.79.19.33
E.U
3.123.172.116
52.59.186.42
India
15.207.246.3
3.108.103.214
Japan
3.115.43.201
35.72.148.77
35.74.96.38
52.68.52.77
U.K
13.43.141.10
18.169.44.228
35.177.5.4
52.56.54.90
(Default) U.S.A
3.230.176.219
3.226.106.173
18.190.146.204
3.16.224.253
34.223.123.78
52.27.148.95