Log File log source parameters for Fair Warning
If QRadar® does not automatically detect the log source, add a Fair Warning log source on the QRadar Console by using the Log File protocol.
When using the Log File protocol, there are specific parameters that you must use.
|Log Source type||Fair Warning|
|Protocol Configuration||Log File|
|Log Source Identifier||
Type the IP address or host name for the log source as an identifier for events from your Fair Warning devices.
|FTP File Pattern||Type a regular expression that matches the log files that are generated by the Fair Warning system.|
|Remote Directory||Type the path to the directory that contains logs from your Fair Warning device.|
|Event Generator||Fair Warning|
For a complete list of Log File protocol parameters and their values, see Log File protocol configuration options.