Hewlett Packard Enterprise UNIX (HPE-UX)

To forward events from Hewlett Packard Enterprise UniX (HPE-UX) to IBM® QRadar®, configure your HPE-UX device to send syslog events to QRadar.

About this task

You can configure syslog on your HPE-UX device to forward events to QRadar.

Procedure

  1. Log in to the HPE-UX device command-line interface.
  2. Open the following file:

    /etc/syslog.conf

  3. Add the following line:

    <facility>.<level><destination>

    Where:

    • <facility> is auth.
    • <level> is info.
    • <destination> is the IP address of the QRadar Console.
  4. Save and exit the file.
  5. Type the following command to ensure that syslogd enforces the changes to the syslog.conf file.

    kill -HUP `cat /var/run/syslog.pid`

    Tip: Back quotation marks are used in the command-line.

What to do next

Add a log source in QRadar.