Log File log source parameters for Fair Warning

If QRadar does not automatically detect the log source, add a Fair Warning log source on the QRadar Console by using the Log File protocol.

When using the Log File protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect Log File events from Fair Warning:
Table 1. Log File log source parameters for the Fair Warning DSM
Parameter Value
Log Source type Fair Warning
Protocol Configuration Log File
Log Source Identifier

Type the IP address or host name for the log source as an identifier for events from your Fair Warning devices.

FTP File Pattern Type a regular expression that matches the log files that are generated by the Fair Warning system.
Remote Directory Type the path to the directory that contains logs from your Fair Warning device.
Event Generator Fair Warning

For a complete list of Log File protocol parameters and their values, see Log File protocol configuration options.