Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configure the Vantio LEEF Adapter

 

You can install and configure your Vantio LEEF Adapter.

  1. Use SSH to log in to your Vantio engine server.
  2. Install the Vantio LEEF Adapter:

    sudo rpm -I VantioLEEFAdapter-0.1-a.x86_64.rpm

  3. Edit the Vantio LEEF Adapter configuration file.

    usr/local/nom/sbin/VantioLEEFAdapter

  4. Configure the Vantio LEEF Adapter configuration to forward LEEF events to JSA:

    -qradar-dest-addr=<IP Address>

    Where <IP Address> is the IP address of your JSA console or Event Collector.

  5. Save the Vantio LEEF configuration file.
  6. Type the following command to start the Vantio Adapter:

    usr/local/nom/sbin/VantioLEEFAdapter &

    The configuration is complete. The log source is added to JSA as Nominum Vantio events are automatically discovered. Events forwarded to JSA by the Vantio LEEF Adapter are displayed on the Log Activity tab of JSA.