PCAP Syslog Combination log source parameters for Juniper SRX Series

If QRadar does not automatically detect the log source, add a Juniper SRX Series log source on the QRadar Console by using the PCAP Syslog Combination protocol.

QRadar detects the syslog data and adds the log source automatically. The PCAP data can be added to QRadar as Juniper SRX Series Services Gateway log source by using the PCAP Syslog combination protocol. Adding the PCAP Syslog Combination protocol after QRadar auto discovers the Junos OS syslog data adds a log source to your existing log source limit. Deleting the existing syslog entry, then adding the PCAP Syslog Combination protocol adds both syslog and PCAP data as single log source.

When using the PCAP Syslog Combination protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect PCAP Syslog Combination events from Juniper SRX Series:
Table 1. PCAP Syslog Combination log source parameters for the Juniper SRX Series DSM
Parameter Value
Log Source type Juniper SRX-series Services Gateway

For a complete list of PCAP Syslog Combination protocol parameters and their values, see c_logsource_PCAPprotocol.html.