Configuring syslog alerts

Use this integration to set up syslog alerts from GuardiumĀ® Insights.

Before you begin

To see the various settings, open the main menu. Open this menu by clicking the main menu icon (main menu) After opening the menu, select Integrations and then select the Syslog logging protocol (syslog) card.

Procedure

  1. After reading the About information, click Next.
  2. Enter a unique name for the integration in the Name field.
  3. Host: Enter the syslog host name.
  4. Port: Enter the port for the syslog host.
  5. Select the transfer protocol to use (by default, udp is used).
  6. Select the Include QRadar LEEF header in templates check box to include the QRadar header in LEEF format.
  7. After completing the configuration settings, click Test connection to ensure that the Guardium Insights can connect to the syslog server.
  8. After testing the connection, click Finish to save the syslog configuration and create the integration.