Configuring Townsend Security Alliance LogAgent to integrate with QRadar
You can collect all audit logs and system events from Townsend Security Alliance LogAgent. You must configure Alliance LogAgent for the IBM QRadar LEEF and configure a destination that specifies QRadar as the syslog server.
Procedure
What to do next
After TCP services start, consider automatically starting
the Alliance LogAgent subsystem by modifying your IPL QSTRUP program
to include the following statements:
/* START ALLIANCE LOGAGENT */
QSYS/STRSBS ALLSYL100/ALLSYL100
MONMSG MSGID(CPF0000)
For more information about installing and configuring for Independent Auxiliary Storage Pool operation, and more filter options for events, see your vendor documentation.