Syslog log source parameters for Sun Solaris OS
If QRadar does not automatically detect the log source, add a Sun Solaris OS log source on the QRadar Console by using the Syslog protocol.
When you use the Syslog protocol, there are specific parameters that you must configure.
The following table describes the parameters that require specific values to collect Syslog
events from Sun Solaris OS:
Parameter | Value |
---|---|
Log Source type | Sun Solaris Operating System Authentication Messages |
Protocol Configuration | Syslog |
Log Source Identifier |
A unique name for the log source. The Log Source Identifier can be any valid value and does not need to reference a specific server. The Log Source Identifier can be the same value as the log source Name. If you have more than one Sun Solaris OS log source that is configured, you might want to identify the first log source as solarisos1, the second log source as solarisos2, and the third log source as solarisos3. |