Configuring your FireEye HX system for communication with QRadar®

To enable FireEye HX to communicate with IBM QRadar, configure your FireEye HX appliance to forward syslog events.

Procedure

  1. Log in to the FireEye HX appliance by using the CLI.
  2. To activate configuration mode, type the following commands:

    enable

    configure terminal

  3. To add a remote syslog server destination, type the following commands:

    logging <remote_IP_address> trap none

    logging <remote_IP_address> trap override class cef priority info

  4. To save the configuration changes to the FireEye HX appliance, type the following command:

    write mem