Syslog log source parameters for Suricata
If IBM QRadar does not automatically detect the log source, add a Suricata log source on the QRadar Console by using the Syslog protocol.
The following table describes the parameters that require specific values to collect Syslog events from Suricata:
| Parameter | Value |
|---|---|
| Log Source type | Suricata |
| Protocol Configuration | Syslog |
| Log Source Identifier | A unique identifier for the log source. |