Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CONFIGURING DSMS REV 1 Manual page 190

Symark PowerBroker

Table 78-1 Command Parameters (continued)

| Parameters | Description |
|---|---|
| -h | Specify the receiving syslog host (the Event Collector host name or IP address being used to receive the logs). |
| -p | Specify the TCP port to be used for sending events. If nothing is specified, 514 is used. |
| -H | Specify the host name or IP address for the syslog header of all sent events. It is recommended that this be the IP address of the Symark PowerBroker. |
| -r | Specify the directory name where you wish to create the .pid file. The default is /var/run. This parameter is ignored if -D is specified. |
| -l | Specify the directory name where you wish to create the lock file. The default is /var/lock. This parameter is ignored if -D is specified. |

Step 7  Start the pbforwarder.pl script. For example:

    pbforwarder.pl -h qradar_host -t "pblog -l -t"

Step 8  Terminate the pbforwarder.pl script:

    kill -QUIT `cat /var/run/pbforwarder.pl.pid`

Step 9  Reload and reconnect the pbforwarder.pl script after being truncated:

    kill -HUP `cat /var/run/pbforwarder.pl.pid`
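
The kill commands in Steps 8 and 9 signal whatever PID the file contains, so a stale or altered pid file can send QUIT or HUP to an unrelated process. The following is an added example, not part of the Juniper manual or of pbforwarder.pl: a POSIX shell wrapper that validates the pid file first. Its function and variable names are hypothetical, and matching the substring pbforwarder.pl in the process command line is an assumption about how the script appears in the process table.

```shell
#!/bin/sh
# Added example (not from the manual): check the pid file before signalling.
# Hypothetical names: PB_PIDFILE, PB_NAME, pb_args, pb_pid, pb_signal.
PB_PIDFILE="${PB_PIDFILE:-/var/run/pbforwarder.pl.pid}"  # -r default, Table 78-1
PB_NAME="${PB_NAME:-pbforwarder.pl}"  # assumed to appear in the command line

# Print the command line of PID $1: /proc where present, otherwise POSIX ps.
pb_args() {
    if [ -r "/proc/$1/cmdline" ]; then
        tr '\0' ' ' < "/proc/$1/cmdline"
    else
        ps -p "$1" -o args= 2>/dev/null
    fi
}

# Print the forwarder's PID, or fail without printing anything:
#   2 = pid file missing,    3 = content is not a plain PID,
#   4 = process not found,   5 = PID belongs to some other program.
pb_pid() {
    [ -r "$PB_PIDFILE" ] || return 2
    IFS= read -r pid < "$PB_PIDFILE" || [ -n "$pid" ] || return 3
    case "$pid" in
        ''|*[!0-9]*) return 3 ;;   # digits only; rejects anything else
    esac
    args=$(pb_args "$pid") || return 4
    [ -n "$args" ] || return 4
    case "$args" in
        *"$PB_NAME"*) printf '%s\n' "$pid" ;;
        *) return 5 ;;
    esac
}

# pb_signal QUIT terminates the forwarder (Step 8); pb_signal HUP reloads it (Step 9).
pb_signal() {
    case "$1" in
        QUIT|HUP) ;;
        *) echo "usage: pb_signal QUIT|HUP" >&2; return 64 ;;
    esac
    target=$(pb_pid) || {
        rc=$?
        echo "not signalling: pid file check failed (code $rc)" >&2
        return "$rc"
    }
    kill -s "$1" "$target"
}
```

Source the file and call `pb_signal QUIT` or `pb_signal HUP` in place of the raw kill commands; set PB_PIDFILE if -r was used to move the pid file.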
You are now ready to configure the PowerBroker within STRM. To configure the
protocol, select syslog from the Protocol drop-down list box. To configure the
sensor device, select Symark PowerBroker from the Sensor Device Type
drop-down list box and enter in the Device Hostname/IP field the address specified
using the -H option in Step 6.

For more information on configuring sensor devices, see the Managing Sensor
Devices Guide.

For more information regarding your PowerBroker, see your vendor
documentation.