Cisco CSA
You can integrate a Cisco Security Agent (CSA) server with JSA.
The Cisco CSA DSM accepts all events by using the syslog, SNMPv1 and SNMPv2 protocols. JSA records all configured Cisco CSA alerts.
Configuring Cisco CSA to send events to JSA
Configuration of your Cisco CSA server to forward events.
Take the following steps to configure your Cisco CSA server to forward events:
Open the Cisco CSA user interface.
Select Events >Alerts.
Click New.
The Configuration View window is displayed.
Type in values for the following parameters:
Name Type a name that you want to assign to your configuration.
Description Type a description for the configuration. This step is not a requirement.
From the Send Alerts, select the event set from the list to generate alerts.
Select the SNMP check box.
Type a Community name.
The Community name that is entered in the CSA user interface must match the Community name that is configured on JSA. This option is only available for the SNMPv2 protocol.
For the Manager IP address parameter, type the IP address of JSA.
Click Save.
You are now ready to configure the log source in JSA.
Syslog Log Source Parameters for Cisco CSA
If JSA does not automatically detect the log source, add a Cisco CSA log source on the JSA Console by using the syslog protocol.
When using the syslog protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect syslog events from Cisco CSA devices:
Parameter |
Description |
---|---|
Log Source type |
Cisco CSA |
Protocol Configuration |
Syslog |
Log Source Identifier |
Type the IP address or host name for the log source. The identifier helps you determine which events came from your Cisco CSA device. |
SNMPv1 log source parameters for Cisco CSA
If JSA does not automatically detect the log source, add a Cisco CSA log source on the JSA Console by using the SNMPv1 protocol.
When using the SNMPv1 protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect SNMPv1 events from Cisco CSA devices:
Parameter |
Value |
---|---|
Log Source Name |
Type a name for your log source. |
Log Source type |
Cisco CSA |
Protocol Configuration |
SNMPv1 |
Log Source Identifier |
Type the IP address or host name for the log source. The identifier helps you determine which events came from your Cisco CSA device. |
Community |
Type the SNMP community name required to access the system containing SNMP events. The default is Public. |
Include OIDs in Event Payload |
Clear the Include OIDs in Event Payload checkbox, if selected. This options allows the SNMP event payload to be constructed using name-value pairs instead of the standard event payload format. Including OIDs in the event payload is required for processing SNMPv2 or SNMPv3 events from certain DSMs. |
SNMPv2 log source parameters for Cisco CSA
If JSA does not automatically detect the log source, add a Cisco CSA log source on the JSA Console by using the SNMPv2 protocol.
When using the SNMPv2 protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect SNMPv2 events from Cisco CSA devices:
Parameter |
Value |
---|---|
Log Source Name |
Type a name for your log source. |
Log Source type |
Cisco CSA |
Protocol Configuration |
SNMPv2 |
Log Source Identifier |
Type the IP address or host name for the log source. The identifier helps you determine which events came from your Cisco CSA device. |
Community |
Type the SNMP community name required to access the system containing SNMP events. The default is Public. |
Include OIDs in Event Payload |
Clear the Include OIDs in Event Payload checkbox, if selected. This options allows the SNMP event payload to be constructed using name-value pairs instead of the standard event payload format. Including OIDs in the event payload is required for processing SNMPv2 or SNMPv3 events from certain DSMs. |
For more information about the SNMPv2 protocol, see SNMPv2 protocol configuration optionsSNMPv2 Protocol Configuration Options.