Configuring SNMP to syslog conversion on Oracle Acme Packet SBC

To collect events in a format compatible with IBM QRadar, you must enable SNMP to syslog conversion and configure a syslog destination.

Procedure

  1. Use SSH to log in to the command-line interface of your Oracle Acme Packet SBC installation, as an administrator.
  2. Type the following command to start the configuration mode:

    config t

  3. Type the following commands to start the system configuration:

    (configure)# system (system)# (system)# system-config (system-config)# sel

    The sel command is required to select a single-instance of the system configuration object.

  4. Type the following commands to configure your QRadar system as a syslog destination:

    (system-config)# syslog-servers (syslog-config)# address <QRadar IP address> (syslog-config)# done

  5. Type the following commands to enable SNMP traps and syslog conversion for SNMP trap notifications:
    (system-config)# enable-snmp-auth-traps enabled (system-config)# enable-snmp-syslog-notify enabled (system-config)# enable-snmp-monitor-traps enabled (system-config)# ids-syslog-facility 4 (system-config)# done
  6. Type the following commands to return to configuration mode:

    (system-config)# exit (system)# exit (configure)#