IBM ZSecure Alert
The IBM®zSecure Alert DSM for JSA accepts alert events by using syslog, allowing JSA to receive alert events in real time.
The alert configuration on your IBM®zSecure Alert appliance determines which alert conditions you want to monitor and forward to JSA. To collect events in JSA, you must configure your IBM®zSecure Alert appliance to forward events in a UNIX syslog event format by using the JSA IP address as the destination. For information on configuring UNIX syslog alerts and destinations, see the IBM® Security zSecure Alert User Reference Manual.
JSA automatically discovers and creates a log source for syslog events from IBM®zSecure Alert. However, you can manually create a log source for JSA to receive syslog events. The following configuration steps are optional.
- Log in to JSA.
- Click the Admin tab.
- Click the Log Sources icon.
- Click Add.
- In the Log Source Name field, type a name for your log source.
- In the Log Source Description field, type a description for the log source.
- From the Log Source Type list, select IBM® zSecure Alert.
- Using the Protocol Configuration list, select Syslog.
- Configure the following values:
Table 1: Syslog Parameters
Log Source Identifier
Type the IP address or host name for the log source as an identifier for events from your IBM®zSecure Alert.
- Click Save.
- On the Admin tab, click Deploy Changes.
The configuration is complete.