Configuring syslog alerts

Use this integration to set up syslog alerts from Guardium® Insights SaaS.

Before you begin

StandardPremium This feature is available only in the Standard and Premium editions of Guardium Insights SaaS.

To see the various settings, open the main menu. Open this menu by clicking the main menu icon (main menu)) After opening the menu, select Integrations and then select the Syslog logging protocol (syslog) card.

Procedure

  1. After reading the About information, click Next.
  2. Enter a unique name for the integration in the Name field.
  3. Host: Enter the syslog host name.
  4. Port: Enter the port for the syslog host.
  5. Select the transfer protocol to use (by default, udp is used).
  6. Select the Include QRadar LEEF header in templates check box to include the QRadar header in LEEF format.
  7. After completing the configuration settings, click Test connection to ensure that the Guardium Insights SaaS can connect to the syslog server.
  8. After testing the connection, click Finish to save the syslog configuration and create the integration.