Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CONFIGURING DSMS REV 1 Manual page 144

138 N S
ORTEL WITCHED
Step 5
Step 6
Step 7
Step 8
Step 9
F 5100
IREWALL
is a Syslog facility, for example, local3.
<facility>
is a Syslog priority, for example, info.
<priority>
For example:
$FWDIR/bin/fw log -ftn | /usr/bin/logger -p local3.info >
/dev/null 2>&1 &
Save and exit the file.
Open the syslog.conf file and add the following:
< >.<
facility priority
Where:
< > is the syslog facility, for example, local3. This value must match the
facility
value entered in Step
< > is the syslog priority, for example, info or notice. This value must
priority
match the value entered in
< > indicates you must press the TAB key.
TAB
< > indicates the STRM managed host.
host
Save and exit the file.
Restart syslog.
Enter the following command:
# nohup $FWDIR/bin/fw log -ftn | /usr/bin/logger -p
<facility>.<priority> > /dev/null 2>&1 &
Where:
is a Syslog facility, for example, local3. This value must match the
<facility>
value entered in Step
is a Syslog priority, for example, info. This value must match the
<priority>
value entered in Step
You are now ready to configure the sensor device within the STRM interface. To
configure STRM to receive events from an Nortel Switched Firewall 5100 using
syslog, you must select the Nortel Switched Firewall 5100 option from the
Sensor Device Type drop-down list box. For more information on configuring
sensor devices, see the Managing Sensor Devices Guide.
For more information, see your vendor documentation.
> < ><
TAB TAB
4.
Step 4.
4.
4.
Configuring DSMs Guide
>@< >
host