Syslog log source parameters for Symantec SGS
If QRadar does not automatically detect the log source, add a Symantec SGS log source on the QRadar Console by using the Syslog protocol.
When using the Syslog protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect Syslog
events from Symantec SGS:
| Parameter | Value |
|---|---|
| Log Source Name | Type a name for your log source |
| Log Source Description | Type a description for the log source. |
| Log Source Type | Symantec Gateway Security (SGS) Appliance |
| Protocol Configuration | Syslog |
| Log Source Identifier | Type the IP address or host name for the log source. |