This method ensures the IBM
QRadar Nortel Switched Firewall
6000 DSM accepts events by using syslog.
About this task
To configure your Nortel Switched Firewall 6000:
Procedure
-
Log into your Nortel Switched Firewall device command-line interface
(CLI).
-
Type the following command:
-
Type the IP address of your QRadar system at the following
prompt:
Enter IP address of syslog server:
A prompt is displayed to configure the severity level.
-
Configure info as the severity level.
For example, Enter minimum logging severity
(emerg | alert | crit | err | warning | notice | info | debug): info
A prompt is displayed to configure the facility.
-
Configure auto as the local facility.
For example, Enter the local facility (auto | local0-local7): auto
-
Apply the configuration:
apply
You can now configure the log source in QRadar.
-
To configure QRadar to
receive events from a Nortel Switched Firewall 6000 using syslog: From the Log Source Type list,
select the Nortel Switched Firewall 6000 option.