Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Lastline Enterprise

 

The JSA DSM for Lastline Enterprise receives anti-malware events from Lastline Enterprise systems.

The following table identifies the specifications for the Lastline Enterprise DSM:

Table 1: Lastline Enterprise DSM Specifications

Specification

Value

Manufacturer

Lastline

DSM name

Lastline Enterprise

RPM file name

DSM-LastlineEnterprise-JSA_version-build_number.noarch.rpm

Supported versions

6.0

Protocol

LEEF

Recorded event types

Anti-malware

Automatically discovered?

Yes

Includes identity?

No

Includes custom properties?

No

More information

Lastline website (http://www.lastline.com/platform/enterprise)

To send Lastline Enterprise events to JSA, complete the following steps:

  1. If automatic updates are not enabled, download and install the most recent version of the following RPMs on your JSA console:

    • DSMCommon RPM

    • Lastline Enterprise DSM RPM

  2. Configure your Lastline Enterprise device to send syslog events to JSA.

  3. If JSA does not automatically detect the log source, add a Lastline Enterprise log source on the JSA Console. The following table describes the parameters that require specific values that are required for Lastline Enterprise event collection:

    Table 2: Lastline Enterprise Log Source Parameters

    Parameter

    Value

    Log Source type

    Lastline Enterprise

    Protocol Configuration

    Syslog