Brocade Fabric OS sample event messages

Use these sample event messages to verify a successful integration with IBM QRadar.

Important: Due to formatting issues, paste the message format into a text editor and then remove any carriage return or line feed characters.

Brocade Fabric OS sample message when you use the Syslog protocol

The following sample event shows that a simple network management protocol (SNMP) login occurred. An IP address is displayed when the login occurs over a remote connection.

<190>Nov  3 15:08:04 brocade.fabricos.test raslogd: AUDIT, 2020/11/03-15:08:04 (CET), [SNMP-3020], INFO, SECURITY, NONE/admin/NONE/None/CLI, aa_111/aaaaa_11/AAA 128, 7.4.2e, , , , , , , Event: Login, Info: SNMP login attempt via  IP: 10.236.171.12, Time: Tue Nov  3 15:08:01 2020
Table 1. Highlighted values in the Brocade Fabric OS event
QRadar field name Highlighted values in the event payload
Event ID SNMP-3020
Source IP 10.236.171.12