Log File log source parameters for Fair Warning
If QRadar does not automatically detect the log source, add a Fair Warning log source on the QRadar Console by using the Log File protocol.
When using the Log File protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect Log File
events from Fair Warning:
Parameter | Value |
---|---|
Log Source type | Fair Warning |
Protocol Configuration | Log File |
Log Source Identifier |
Type the IP address or host name for the log source as an identifier for events from your Fair Warning devices. |
FTP File Pattern | Type a regular expression that matches the log files that are generated by the Fair Warning system. |
Remote Directory | Type the path to the directory that contains logs from your Fair Warning device. |
Event Generator | Fair Warning |
For a complete list of Log File protocol parameters and their values, see Log File protocol configuration options.