Configuring syslog for Brocade Fabric OS appliances

To collect events, you must configure syslog on your Brocade appliance to forward events to IBM QRadar.

Procedure

  1. Log in to your appliance as an admin user.
  2. To configure an address to forward syslog events, type the following command:

    syslogdipadd <IP address>

    Where <IP address> is the IP address of the QRadar Console, Event Processor, Event Collector, or all-in-one system.

  3. To verify the address, type the following command:

    syslogdipshow

Results

As the Brocade switch generates events the switch forwards events to the syslog destination you specified. The log source is automatically discovered after enough events are forwarded by the Brocade appliance. It typically takes a minimum of 25 events to automatically discover a log source.

What to do next

Administrators can log in to the QRadar Console and verify that the log source is created on the QRadar Console and that the Log Activity tab displays events from the Brocade appliance.