To set up the Broadcom Endpoint Security Collector, do the following steps, below:
Enable the Broadcom Endpoint Security Collector integration
Install the XDR Collector
Configure the Firewall
Open the port on the XDR Collector Host
Enable the Broadcom Endpoint Security Collector
In Barracuda XDR Dashboard, navigate to Administration > Integrations.
On the Broadcom Endpoint Security Collector card, click Setup.
Select the Enable check box.
Click Save.
Install the XDR Collector
If you haven't already set up the XDR Collector, do one of the following:
Configure the Firewall
To add a syslog server to the Broadcom Endpoint Security Firewall follow the steps that can be found in Broadcom Endpoint Security Firewall Documentation
When entering the necessary information for each syslog server that is added, make sure that the port is pointing to 9231, not to the default port that is mentioned in the documentation.
Open the port on the XDR Collector Host
Ensure incoming traffic is allowed on UDP port 9231.
Linux
sudo ufw allow 9231/udp
Windows
netsh advfirewall firewall add rule name="Broadcom Endpoint Security Events" dir=in action=allow protocol=UDP localport=9231