To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.
alerts forwarding to IBM Qradar SIEM are not parsing
Shekhar
Posts: 5 Security Scout
Hi
I am forwaring F secure PM alerts and notifications to IBM Qradar SIEM over syslog but events which are recievied to IBM Qradar are unparsed. Kindly let me know whether we can resolve this from F secure side or Can I check with IBM support.
Thanks
0
Comments
-
Hi,
do you see the syslog entries from PMS on the SIEM box?
if yes: the problem is inside SIEM, contact IBM.
else: what are your syslog settings in PMS?6 -
yes we are able to see the logs at SIEM we will check wih IBM
0 -
Hello,
We also sending event from F-Secure to QRadar. Event aren't parsing so you need create own DSM for this events - if I good know, IBM don't have native DSM for F-Secure events.
0
This discussion has been closed.
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support