TLS Syslog log source parameters for Suricata

If IBM® QRadar® does not automatically detect the log source, add a Suricata log source on the QRadar Console by using the TLS Syslog protocol.

The following table describes the parameters that require specific values to collect Syslog events from Suricata:

Table 1. TLS Syslog log source parameters for the Suricata DSM

| Parameter | Value |
| --- | --- |
| Log Source type | Suricata |
| Protocol Configuration | TLS Syslog |
| Log Source Identifier | A unique identifier for the log source. |
| TLS Protocols | Select the version of TLS that is installed on the client. |

For a complete list of TLS Syslog protocol parameters and their values, see TLS Syslog protocol configuration options.