QRadar

Barracuda Firewall F-Series Log Source Extension 

15 days ago

The following is an export of a LSX I used to parsed data from a Barracuda FXX firewall, to make sure the Custom DSM will work you have to enable "Cluster Info" logging under Configuration Tree > Infraestructure Services > Syslog Streaming > LogStream Destinations > "Add Range/Cluster Info" toggle to "Yes".

Once the Custom DSM is enable QRadar will be able to understand some of most important security related events, in addition to some DHCP events and more.

Statistics
0 Favorited
25 Views
2 Files
0 Shares
75 Downloads
Attachment(s)
xml file
device_extension.BarracudaFirewallCustom_ext.157471416218...BarracudaFirewallCustom_ext   6K   1 version
Uploaded - Mon January 13, 2020
Import this XML file from Admin > Log Source Extensions.
png file
Screen Shot 2020-01-13 at 16.21.58.png   47K   1 version
Uploaded - Mon January 13, 2020
Firewall configuration.

Tags and Keywords

Related Entries and Links

No Related Resource entered.