Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring a Log Source

 

JSA automatically discovers and creates a log source for LEEF formatted syslog events that are forwarded from Active Defense.

The following configuration steps are optional:

  1. Log in to JSA.
  2. Click the Admin tab.
  3. In the navigation menu, click Data Sources.
  4. Click the Log Sources icon.
  5. Click Add.
  6. In the Log Source Name field, type a name for the log source.
  7. In the Log Source Description field, type a description for the log source.
  8. From the Log Source Type list, select HBGary Active Defense.
  9. From the Protocol Configuration list, select Syslog.
  10. Configure the following values:

    Table 1: HBGary Active Defense Syslog Protocol Parameters

    Parameter

    Description

    Log Source Identifier

    Type the IP address or host name for your HBGary Active Defense device.

    The IP address or host name identifies your HBGary Active Defense device as a unique event source in JSA.

  11. Click Save.
  12. On the Admin tab, click Deploy Changes.

    The HBGary Active Defense configuration is complete.