Configuring syslog for Nortel Switched Firewalls

This method ensures the IBM® QRadar® Nortel Switched Firewall 6000 DSM accepts events by using syslog.

About this task

To configure your Nortel Switched Firewall 6000:

Procedure

  1. Log into your Nortel Switched Firewall device command-line interface (CLI).
  2. Type the following command:

    /cfg/sys/log/syslog/add

  3. Type the IP address of your QRadar system at the following prompt:

    Enter IP address of syslog server:

    A prompt is displayed to configure the severity level.

  4. Configure info as the severity level.

    For example, Enter minimum logging severity

    (emerg | alert | crit | err | warning | notice | info | debug): info

    A prompt is displayed to configure the facility.

  5. Configure auto as the local facility.

    For example, Enter the local facility (auto | local0-local7): auto

  6. Apply the configuration:

    apply

    You can now configure the log source in QRadar.

  7. To configure QRadar to receive events from a Nortel Switched Firewall 6000 using syslog: From the Log Source Type list, select the Nortel Switched Firewall 6000 option.