Syslog log source parameters for Forcepoint TRITON
When you add a Forcepoint TRITON log source on the QRadar® Console by using the syslog protocol, there are specific parameters you must use.
The following table describes the parameters that require specific values to collect syslog
events from Forcepoint TRITON:
| Parameter | Value |
|---|---|
| Log Source Name | Type a name for your log source. |
| Log Source Description | Type a description for your log source. |
| Log Source Type | Forcepoint V Series |
| Protocol Configuration | Syslog |
| Log Source Identifier | Type the IP address or host name for the log source as an identifier or events from Forcepoint TRITON or V-series appliance. |