Configuring syslog for Foundry FastIron
To integrate IBM® QRadar® with a Foundry FastIron RX device, you must configure the appliance to forward syslog events.
- Log in to the Foundry FastIron device command-line interface (CLI).
Type the following command to enable logging:
Local syslog is now enabled with the following defaults:
- Messages of all syslog levels (Emergencies - Debugging) are logged.
- Up to 50 messages are retained in the local syslog buffer.
- No syslog server is specified.
Type the following command to define an IP address for the syslog server:
logging host <IP Address>
Where <IP Address> is the IP address of your QRadar.
You are now ready to configure the log source in QRadar.