Configuring syslog for CRYPTOCard CRYPTO-Shield

To configure your CRYPTOCard CRYPTO-Shield device to forward syslog events:

Procedure

  1. Log in to your CRYPTOCard CRYPTO-Shield device.
  2. Configure the following System Configuration parameters:
    Important: You must have CRYPTOCard Operator access with the assigned default Super-Operator system role to access the System Configuration parameters.
    • log4j.appender.<protocol> - Directs the logs to a syslog host where:
      • <protocol> is the type of log appender, that determines where you want to send logs for storage.
        The options are as follows: ACC, DBG, or LOG. For this parameter, type the following entry:
        org.apache.log4j.net.SyslogAppender
    • log4j.appender.<protocol>.SyslogHost <IP address> - Type the IP address or host name of the syslog server where:
      • <Protocol> is the type of log appender, that determines where you want to send logs for storage. The options are as follows: ACC, DBG, or LOG.
      • <IP address> is the IP address of the IBM QRadar host to which you want to send logs.
    Specify the IP address parameter after the log4j.apender.<protocol> parameter is configured.

    The configuration is complete. Events that are forwarded to QRadar by CRYPTOCard CRYPTO-Shield are displayed on the Log Activity tab.