SNMPv2 log source parameters for Cisco CSA
If QRadar does not automatically detect the log source, add a Cisco CSA log source on the QRadar Console by using the SNMPv2 protocol.
When using the SNMPv2 protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect SNMPv2
events from Cisco CSA devices:
Parameter | Value |
---|---|
Log Source Name | Type a name for your log source. |
Log Source type | Cisco CSA |
Protocol Configuration | SNMPv2 |
Log Source Identifier | Type the IP address or host name for the log source. The identifier helps you determine which events came from your Cisco CSA device. |
Community | Type the SNMP community name required to access the system containing SNMP events. The default is Public. |
Include OIDs in Event Payload |
Clear the Include OIDs in Event Payload checkbox, if selected. This options allows the SNMP event payload to be constructed using name-value pairs instead of the standard event payload format. Including OIDs in the event payload is required for processing SNMPv2 or SNMPv3 events from certain DSMs. |
For more information about the SNMPv2 protocol, see SNMPv2 protocol configuration options.