Configuring HBGary Active Defense
You can configure a route for syslog events in Active Defense for JSA.
- Log in to the Active Defense Management Console.
- From the navigation menu, select Settings >Alerts.
- Click Add Route.
- In the Route Name field, type a name for the syslog route you are adding to Active Defense.
- From the Route Type list, select LEEF (Q1 Labs).
- In the Settings pane, configure the following
Host— Type the IP address or hostname for your JSA console or Event Collector.
Port— Type 514 as the port number.
- In the Events pane, select any events that you want to forward to JSA.
- Click OK to save your configuration changes.
The Active Defense device configuration is complete. You are now ready to configure a log source in JSA. For more information on configuring a route in Active Defense, see your HBGary Active Defense User Guide.