Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Announcement: Try the Ask AI chatbot for answers to your technical questions about Juniper products and solutions.

close
external-header-nav
keyboard_arrow_up
close
keyboard_arrow_left
list Table of Contents
file_download PDF
{ "lLangCode": "en", "lName": "English", "lCountryCode": "us", "transcode": "en_US" }
English
keyboard_arrow_right

Configuring Your FireEye System for Communication with JSA

date_range 27-Mar-21

To enable FireEye to communicate with JSA, configure your FireEye appliance to forward syslog events.

  1. Log in to the FireEye appliance by using the CLI.
  2. To activate configuration mode, type the following commands:

    enable

    configure terminal

  3. To enable rsyslog notifications, type the following command:

    fenotify rsyslog enable

  4. To add JSA as an rsyslog notification consumer, type the following command:

    fenotify rsyslog trap-sink JSA

  5. To specify the IP address for the JSA system that you want to receive rsyslog trap-sink notifications, type the following command:

    fenotify rsyslog trap-sink JSA address <JSA_IP_address>

  6. To define the rsyslog event format, type the following command:

    fenotify rsyslog trap-sink JSA prefer message format leef

  7. To save the configuration changes to the FireEye appliance, type the following command:

    write memory

external-footer-nav