IP Addresses for Syslog Forwarding

Table of Contents

IP Addresses for Syslog Forwarding

Allow the IP addresses required to forward DLP incident syslogs from Enterprise Data Loss Prevention (E-DLP) to manage and create workflows.

Allow the following IP addresses on your network to successfully forward Enterprise Data Loss Prevention (E-DLP) incidents syslogs to your third-party security information and event management (SIEM), Security Orchestration, and Response (SOAR), or other automated ticketing systems. This enables your SOC Analysts and Incident admins to effectively triage, review, and resolve data security risks that occur in your organization. To forward DLP incident syslogs, the IP addresses you need to allow access for are dependent on region or zone where the file will be scanned by Enterprise DLP.

Evidence Storage and Syslog Forwarding require you allow the same IP addresses on your network. You don't need to allow any region-specific IP addresses for Syslog Forwarding if already allowed for Evidence Storage.

Region	IP Address
APAC	13.228.151.58 52.74.82.77
Australia	13.54.198.248 52.63.9.154
Canada	15.222.125.234 99.79.19.33
E.U	3.123.172.116 52.59.186.42
India	15.207.246.3 3.108.103.214
Japan	3.115.43.201 35.72.148.77 35.74.96.38 52.68.52.77
U.K	13.43.141.10 18.169.44.228 35.177.5.4 52.56.54.90
(`Default`) U.S.A	3.230.176.219 3.226.106.173 18.190.146.204 3.16.224.253 34.223.123.78 52.27.148.95

Enterprise DLP Docs

IP Addresses for Syslog Forwarding

Enterprise DLP Docs

IP Addresses for Syslog Forwarding

Activation & Onboarding

Next-Generation Firewalls

SASE

Cloud-Delivered Security Services

Endpoints

Visibility & Monitoring

Best Practices

Experts Corner