Syslog configuration in the Cylance console
You need the following information about your QRadar console.
- Protocol (TCP or UDP)
- TLS/SSL enabled or disabled
- IP address or domain address for QRadar
- Listening port for QRadar
- In the Cylance console, selectSettings > Application.
- Select the event types you want to send to your QRadar console.
- Select IBM QRadar from the SIEM list.
- Select the protocol, either TCP or UDP.
- Enable the TLS/SSL feature, if needed.
- Enter the IP address or domain address of your QRadar console.
- Enter the listening port for your QRadar console.
- Optionally, select a severity.
- Optionally, select a facility.
- Optionally, enter a custom token.
- ClickTest Connectionto test the connection between your QRadar console and the Cylance console.