Use the LEEF Log Forwarding (syslog) page for the Network IPS appliance to send event data to a security incident event manager (SIEM) by using the log event extended format (LEEF).
This feature was tested with the QRadar® SIEM developed by Q1 Labs®. You must update the QRadar SIEM to the newest version for some integration features to work. For more information, go to http://q1labs.com. Q1 Labs customers can go to http://partners.q1labs.com and sign in to DocCentral to view the documentation.
Navigating in the Network IPS Local Management Interface:
Navigating in the SiteProtector™ system: select the LEEF Log Forwarding (syslog) policy