alerts forwarding to IBM Qradar SIEM are not parsing

Scholar


Hi

I am forwarding F-Secure PM alerts and notifications to IBM QRadar SIEM over syslog, but the events which are received by IBM QRadar are unparsed. Kindly let me know whether we can resolve this from the F-Secure side or can I check with IBM support.

 

Thanks

1 ACCEPTED SOLUTION

Superuser

Re: alerts forwarding to IBM Qradar SIEM are not parsing

Hi,

Do you see the syslog entries from PMS on the SIEM box?

If yes: the problem is inside the SIEM, contact IBM.
Else: what are your syslog settings in PMS?

Matthias
----------
perComp has been a Platinum Partner of F-Secure since 1994. Any advice or help given by me in this forum is voluntary and to the best of my knowledge, based on working with the products since 1997. For direct contact, customers please check our homepage http://www.percomp.de

Scholar

Re: alerts forwarding to IBM Qradar SIEM are not parsing

Yes, we are able to see the logs at the SIEM. We will check with IBM.