VMware VShield

VMware VShield DSM Integration Process

You can integrate VMware vShield DSM with JSA.

Use the following procedures:

1. If automatic updates are not enabled, download and install the most recent version of the VMware vShield RPM from the Juniper Downloads onto your JSA Console.

2. For each instance of VMware vShield, configure your VMware vShield system to enable communication with JSA. This procedure must be completed for each instance of VMware vShield.

3. If JSA does not automatically discover the log source, for each VMware vShield server that you want to integrate, create a log source on the JSA console.

Syslog Log Source Parameters for VMware vShield

If JSA does not automatically detect the log source, add a VMware vShield log source on the JSA Console by using the Syslog protocol.

When using the Syslog protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect Syslog events from VMware vShield:

Table 2: Syslog Log Source Parameters for the VMware vShield DSM

Parameter	Value
Log Source Type	VMware vShield DSM
Protocol Configuration	Syslog
Log Source Identifier	Type the IP address or hostname of the VMware device. The log source identifier must be unique value.

Configuring Your VMware VShield System for Communication with JSA

To collect all audit logs and system events from VMware vShield, you must configure the vShield Manager. When you configure VMware vShield, you must specify JSA as the syslog server.

1. Access your vShield Manager inventory pane.

2. Click Settings & Reports.

3. Click Configuration >General.

4. Click Edit next to the Syslog Server option.

5. Type the IP address of your JSA console.

6. Optional: Type the port for your JSA console. If you do not specify a port, the default UDP port for the IP address/host name of your JSA console is used.

7. Click OK.