Create a log source for near real-time event feed
The Syslog protocol enables IBM® QRadar® to receive System Management Facilities (SMF) events in near real-time from a remote host.
The following DSMs are supported:
- IBM z/OS
- IBM CICS®
- IBM RACF®
- IBM DB2®
- CA Top Secret
- CA ACF2
If QRadar does not automatically detect the log source, add a log source for your DSM on the QRadar console.
The following table describes the parameters that require specific values for event collection for your DSM:
|Log Source type||Select your DSM name from the list.|
|Log Source Identifier||Type a unique identifier for the log source.|