Skip Navigation

Syslog configuration in the Cylance console

You need the following information about your QRadar console.
  • Protocol (TCP or UDP)
  • TLS/SSL enabled or disabled
  • IP address or domain address for QRadar
  • Listening port for QRadar
  1. In the Cylance console, select
    Settings > Application
  2. Enable
  3. Select the event types you want to send to your QRadar console.
  4. Select IBM QRadar from the SIEM list.
  5. Select the protocol, either TCP or UDP.
  6. Enable the TLS/SSL feature, if needed.
  7. Enter the IP address or domain address of your QRadar console.
  8. Enter the listening port for your QRadar console.
  9. Optionally, select a severity.
  10. Optionally, select a facility.
  11. Optionally, enter a custom token.
  12. Click
    Test Connection
    to test the connection between your QRadar console and the Cylance console.
  13. Click