Kisco Information Systems SafeNet/i
The IBM QRadar DSM for Kisco Information Systems SafeNet/i collects event logs from IBM i systems.
The following table identifies the specifications for the Kisco Information Systems
SafeNet/i DSM:
| Specification | Value |
|---|---|
| Manufacturer | Kisco Information Systems |
| DSM name | Kisco Information Systems SafeNet/i |
| RPM file name | DSM-KiscoInformationSystemsSafeNetI-Qradar_version-build_number.noarch.rpm |
| Supported versions | V10.11 |
| Protocol | Log File |
| Recorded event types | All events |
| Automatically discovered? | No |
| Includes identity? | No |
| Includes custom properties? | No |
| More information | Kisco Information Systems website (http://www.kisco.com/safenet/summary.htm) |
To collect Kisco Information Systems SafeNet/i events, complete the following steps:
- If automatic updates are not enabled, download and install the most recent
version of the following RPMs from the IBM® Support Website onto your QRadar
Console:
- DSMCommon RPM
- Log File Protocol RPM
- Kisco Information Systems SafeNet/i DSM RPM
- Configure your Kisco Information Systems SafeNet/i device to communicate with QRadar.
- Add a Kisco Information Systems SafeNet/i log source on the QRadar
Console. The following table describes the parameters that require specific
values for Kisco Information Systems SafeNet/i event collection:
Table 2. Kisco Information Systems SafeNet/i log source parameters Parameter Value Log Source type Kisco Information Systems SafeNet/i Protocol Configuration Log File Service Type FTP Remote IP or Hostname The IP or host name of Kisco Information systems SafeNet/i device. Remote Port 21 Remote User The IBM i User ID that you created for QRadar in Kisco Information Systems SafeNet/i. Remote Directory Leave this field empty. FTP File Pattern .* FTP Transfer Mode BINARY Processor NONE Event Generator LINEBYLINE File Encoding US-ASCII