Configuring syslog for Foundry FastIron

To integrate IBM QRadar with a Foundry FastIron RX device, you must configure the appliance to forward syslog events.

Procedure

  1. Log in to the Foundry FastIron device command-line interface (CLI).
  2. Type the following command to enable logging:

    logging on

    Local syslog is now enabled with the following defaults:

    • Messages of all syslog levels (Emergencies - Debugging) are logged.
    • Up to 50 messages are retained in the local syslog buffer.
    • No syslog server is specified.
  3. Type the following command to define an IP address for the syslog server:

    logging host <IP Address>

    Where <IP Address> is the IP address of your QRadar.

    You are now ready to configure the log source in QRadar.