Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring a Log Source for Sourcefire Intrusion Sensor in JSA

 

JSA automatically discovers and creates a log source for syslog events from Sourcefire Intrusion Sensor. However, you can manually create a log source for JSA to receive syslog events. The following procedure is optional.

  1. Log in to JSA.
  2. Click the Admin tab.
  3. On the navigation menu, click Data Sources.
  4. Click the Log Sources icon.
  5. Click Add
  6. In the Log Source Name field, type a name for your log source.
  7. In the Log Source Description field, type a description for your log source.
  8. From the Log Source Type list, select Snort Open Source IDS..
  9. From the Protocol Configuration list, select Syslog.
  10. Configure the remaining parameters.
  11. Click Save.
  12. On the Admin, click Deploy Changes.

You are now ready to configure the log source in JSA.