IBM ZSecure Alert
The IBM zSecure Alert DSM for JSA accepts alert events by using syslog, allowing JSA to receive alert events in real time.
The alert configuration on your IBM zSecure Alert appliance determines which alert conditions you want to monitor and forward to JSA. To collect events in JSA, you must configure your IBM zSecure Alert appliance to forward events in a UNIX syslog event format by using the JSA IP address as the destination. For information on configuring UNIX syslog alerts and destinations, see the IBM Security zSecure Alert User Reference Manual.
JSA automatically discovers and creates a log source for syslog events from IBM zSecure Alert. However, you can manually create a log source for JSA to receive syslog events. The following configuration steps are optional.
- Log in to JSA.
- Click the Admin tab.
- Click the Log Sources icon.
- Click Add.
- In the Log Source Name field, type a name for your log source.
- In the Log Source Description field, type a description for the log source.
- From the Log Source Type list, select IBM zSecure Alert.
- Using the Protocol Configuration list, select Syslog.
- Configure the following values:
Table 1: Syslog Parameters
Log Source Identifier
Type the IP address or host name for the log source as an identifier for events from your IBM zSecure Alert.
- Click Save.
- On the Admin tab, click Deploy Changes.
The configuration is complete.