TLS Syslog log source parameters for Suricata
If IBM QRadar does not automatically detect the log source, add a Suricata log source on the QRadar Console by using the TLS Syslog protocol.
The following table describes the parameters that require specific values to collect Syslog events from Suricata:
| Parameter | Value |
|---|---|
| Log Source type | Suricata |
| Protocol Configuration | TLS Syslog |
| Log Source Identifier | A unique identifier for the log source. |
| TLS Protocols | Select the version of TLS that is installed on the client. |
For a complete list of TLS Syslog protocol parameters and their values, see TLS Syslog protocol configuration options.