Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CONFIGURING DSMS REV 1 Manual page 108

102 L IP
INUX TABLES
Step 7
Step 8
Step 9
Step 10
Step 11
Step 12
Note: The trailing space is required before the closing quotation mark.
Save and exit the file.
Restart IPtables:
/etc/init.d/iptables restart
Open the
syslog.conf
Add the following line:
kern.<log level><TAB><TAB>@<STRM ip>
Where:
is the previously set log level.
<log level>
< >< > is any chosen amount of space.
TAB TAB
is the IP address of the STRM Event Collector.
<STRM IP>
Save and exit the file.
Restart the syslog daemon:
/etc/init.d/syslog restart
You are now ready to configure the sensor device within the STRM interface. To
configure STRM to receive events from an IP tables device, you must select the
Linux iptables Firewall option from the Sensor Device Type drop-down list box.
For more information on configuring sensor devices, see the Managing Sensor
Devices Guide.
For more information on IPtables, see the IPtables documentation.
Configuring DSMs Guide
file.