Syslog log source parameters for Check Point
If the QRadar® product does not automatically detect the data source, add a Check Point data source by using the Syslog connector.
When using the Syslog connector, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect Syslog
events from Check Point:
| Parameter | Value |
|---|---|
| Data source type | Check Point |
| Connector type | Syslog |
| Data source identifier |
Type the IP address or host name for the log source as an identifier for events from your Check Point devices. |
For information about adding a data source by using the Syslog connector in the QRadar product, see Adding ingestion data sources.