...
Configuration option | Value |
---|---|
Hostname | IP/Hostname of the SNYPR instance in Securonix. |
Port | Port associated with the Snare Microsoft Windows parser |
Format | Set the format to “QRadar” |
Protocol | Set the protocol to UDP, TCP or TLS as per the configuration in SNYPR. |
Add Regular Expression | Create a policy with the following regular expression and mode set to “Include” (not including quotes): |
Once applied, return to the Reflector dashboard by selecting “Dashboard” and locate the chart for the destination that was just configured. Ensure the “Status” is “Sending” and that the chart has values.
...