Use the LEEF Log Forwarding (syslog) page on the Network IPS appliance to send event data to a security incident event manager (SIEM) by using the log event extended format (LEEF).
This feature was tested with the QRadar SIEM developed by Q1 Labs. You must update the QRadar SIEM to the newest version for some integration features to work. For more information, go to http://q1labs.com. Q1 Labs customers can go to http://partners.q1labs.com and sign in to DocCentral to view the documentation.
Navigating in the IPS Local Management Interface:
Navigating in SiteProtector™ Management: select the LEEF Log Forwarding (syslog) policy