IBM Security Join our 16,000+ members as we work together to overcome the toughest challenges of cybersecurity. Join the Community
The following is an export of a LSX I used to parsed data from a Barracuda FXX firewall, to make sure the Custom DSM will work you have to enable "Cluster Info" logging under Configuration Tree > Infraestructure Services > Syslog Streaming > LogStream Destinations > "Add Range/Cluster Info" toggle to "Yes".Once the Custom DSM is enable QRadar will be able to understand some of most important security related events, in addition to some DHCP events and more.