Configuring syslog for CRYPTOCard CRYPTO-Shield
To configure your CRYPTOCard CRYPTO-Shield device to forward syslog events:
Procedure
- Log in to your CRYPTOCard CRYPTO-Shield device.
-
Configure the following System Configuration parameters:
Important: You must have CRYPTOCard Operator access with the assigned default Super-Operator system role to access the System Configuration parameters.
log4j.appender.<protocol>
- Directs the logs to a syslog host where:- <protocol> is the type of log appender, that determines where you want to
send logs for storage.
The options are as follows: ACC, DBG, or LOG. For this parameter, type the following entry:
org.apache.log4j.net.SyslogAppender
- <protocol> is the type of log appender, that determines where you want to
send logs for storage.
log4j.appender.<protocol>.SyslogHost <IP address>
- Type the IP address or host name of the syslog server where:- <Protocol> is the type of log appender, that determines where you want to send logs for storage. The options are as follows: ACC, DBG, or LOG.
- <IP address> is the IP address of the IBM QRadar host to which you want to send logs.
log4j.apender.<protocol>
parameter is configured.The configuration is complete. Events that are forwarded to QRadar by CRYPTOCard CRYPTO-Shield are displayed on the Log Activity tab.