Announcement: New Knowledge Base

4 June 2020: We are pleased to announce the launch of a new Knowledge Base, Changelogs for Business Security Products, where you can find more details, such as bugfixes or new features, about the most recent releases of our business-related products.

alerts forwarding to IBM Qradar SIEM are not parsing

ShekharShekhar Posts: 5
in Business Security

Hi

I am forwaring F secure PM alerts and notifications to IBM Qradar SIEM over syslog but events which are recievied to IBM Qradar are unparsed. Kindly let me know whether we can resolve this from F secure side or Can I check with IBM support.

 

Thanks

Like

Best Answer

  • MJ-perCompMJ-perComp Posts: 1,098
    Accepted Answer

    Hi,

    do you see the syslog entries from PMS on the SIEM box?

    if yes: the problem is inside SIEM, contact IBM.
    else: what are your syslog settings in PMS?

    1Like

Comments

  • ShekharShekhar Posts: 5

    yes we are able to see the logs at SIEM we will check wih IBM

    Like
  • Tomasz_009Tomasz_009 Posts: 1

    Hello,

     

    We also sending event from F-Secure to QRadar. Event aren't parsing so you need create own DSM for this events - if I good know, IBM don't have native DSM for F-Secure events.

    Like
This discussion has been closed.