Syslog Log Source Parameters for Honeycomb Lexicon File Integrity Monitor

If JSA does not automatically detect the log source, add a Honeycomb Lexicon File Integrity Monitor log source on the JSA Console by using the syslog protocol.

When using the syslog protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect syslog events from Honeycomb Lexicon File Integrity Monitor:

Table 1: Syslog Log Source Parameters for the Honeycomb Lexicon File Integrity Monitor DSM

| Parameter | Value |
| --- | --- |
| Log Source Name | Type a name for your log source. |
| Log Source Description | Type a description for the log source. |
| Log Source Type | Honeycomb Lexicon File Integrity Monitor |
| Protocol Configuration | Syslog |
| Log Source Identifier | Type the IP address or host name for the log source as an identifier for events from your Honeycomb Lexicon FIM installation. The Log Source Identifier must be a unique value. |
| Enabled | Select this check box to enable the log source. By default, the check box is selected. |
| Credibility | From the list, select the Credibility of the log source. The range is 0 - 10. The credibility indicates the integrity of an event or offense as determined by the credibility rating from the source devices. Credibility increases if multiple sources report the same event. The default is 5. |
| Target Event Collector | From the list, select the Target Event Collector to use as the target for the log source. |
| Coalescing Events | Select this check box to enable the log source to coalesce (bundle) events. By default, automatically discovered log sources inherit the value of the Coalescing Events list from the System Settings in JSA. When you create a log source or edit an existing configuration, you can override the default value by configuring this option for each log source. |
| Incoming Event Payload | From the list, select the incoming payload encoder for parsing and storing the logs. |
| Store Event Payload | Select this check box to enable the log source to store event payload information. By default, automatically discovered log sources inherit the value of the Store Event Payload list from the System Settings in JSA. When you create a log source or edit an existing configuration, you can override the default value by configuring this option for each log source. |