IBM Proventia
Management
SiteProtector
NOTE
Configuring SIEM to
Receive Events
Step 1
Step 2
Step 3
Step 4
Step 5
Step 6
Step 7
To configure SIEM to receive events from as IBM Lotus Domino device:
From the Log Source Type drop-down list box, select the IBM Lotus Domino
option.
For more information on configuring log sources, see the Log Sources User Guide.
For more information about IBM Lotus Domino see your vendor documentation.
A SIEM IBM Proventia Management SiteProtector DSM accepts SiteProtector
events by polling the SiteProtector database allowing SIEM to record the relevant
events. You can integrate SiteProtector version 2.0 with SIEM.
Before you configure SIEM to integrate with SiteProtector, you should create a
database user account and password. The defined user must have read
permissions for the table used to store SiteProtector events, which is defined
during protocol configuration. Although creating this account is not required, it is
recommended for your protection. Record the username and password for use
when configuring the SiteProtector DSM protocol configuration.
Ensure that no firewall rules are blocking the communication between the
SiteProtector console and SIEM.
To configure SIEM to receive SiteProtector events:
Click the Admin tab.
In the navigation menu, click Data Sources.
The Data Sources panel is displayed.
Click the Log Sources icon.
The Log Sources window is displayed.
Click Add.
The Add a log source window is displayed.
Select the IBM Proventia Management SiteProtector option from the Log
Source Type drop-down list box.
Using the Protocol Configuration drop-down list box, select JDBC -
SiteProtector.
The JDBC - SiteProtector protocol configuration is displayed.
Configure the following values:
Configuring DSMs
IBM Proventia Management SiteProtector
137