Configuring H3C Comware Platform to communicate with QRadar

To collect H3C Comware Platform events, enable syslog settings and configure a log host. H3C Switches, H3C Routers, H3C Wireless LAN Devices, and H3C IP Security Devices are supported by QRadar.

Procedure

  1. Log in to the command line interface by using the console port, or by using Telnet or SSH.
    For more information about login methods, see the Logging into the CLI section in the configuration guide for your H3C devices.
  2. To access the system view, type the <system_name> system-view command.
  3. To enable the syslog settings, type the following commands in the order that they are listed.
    1. info-center source default loghost deny
    2. info-center source AAA loghost level informational
    3. info-center source ACL loghost level informational
    4. info-center source FIPS loghost level informational
    5. info-center source HTTPD loghost level informational
    6. info-center source IKE loghost level informational
    7. info-center source IPSEC loghost level informational
    8. info-center source LOGIN loghost level informational
    9. info-center source LS loghost level informational
    10. info-center source PKI loghost level informational
    11. info-center source PORTSEC loghost level informational
    12. info-center source PWDCTL loghost level informational
    13. info-center source RADIUS loghost level informational
    14. info-center source SHELL loghost level informational
    15. info-center source SNMP loghost level informational
    16. info-center source SSHS loghost level informational
    17. info-center source TACACS loghost level informational
    18. info-center loghost <QRadar Event Collector IP> 514
  4. To exit the system view, type the quit <system_name> command.