Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring HBGary Active Defense

 

You can configure a route for syslog events in Active Defense for JSA.

  1. Log in to the Active Defense Management Console.
  2. From the navigation menu, select Settings >Alerts.
  3. Click Add Route.
  4. In the Route Name field, type a name for the syslog route you are adding to Active Defense.
  5. From the Route Type list, select LEEF (Q1 Labs).
  6. In the Settings pane, configure the following values:
    • Host— Type the IP address or hostname for your JSA console or Event Collector.

    • Port— Type 514 as the port number.

  7. In the Events pane, select any events that you want to forward to JSA.
  8. Click OK to save your configuration changes.

    The Active Defense device configuration is complete. You are now ready to configure a log source in JSA. For more information on configuring a route in Active Defense, see your HBGary Active Defense User Guide.