IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Ansible Tower as QRadar log source for activity monitoring

    Posted Fri March 26, 2021 12:50 PM
    Hi, has anyone connected Ansible Tower to QRadar as log source for activity monitoring and can provide best-practice / custom DSM? Thanks in advance!

    ------------------------------
    Ulrich Müller
    ------------------------------


  • 2.  RE: Ansible Tower as QRadar log source for activity monitoring

    Posted Thu April 15, 2021 03:45 AM

    Hi Ulrich

    Will this be helpful ?

    INTEGRATION: Ansible and IBM QRadar: https://www.ansible.com/integrations/security/ibm-qradar

    Getting Started with IBM QRadar and Red Hat Ansible Automation Platform
    https://www.ansible.com/blog/getting-started-with-ibm-qradar-and-red-hat-ansible-automation-platform



    ------------------------------
    Yogesh Talekar
    Manager
    IBM
    ------------------------------

    Original Message


  • 3.  RE: Ansible Tower as QRadar log source for activity monitoring

    Posted Mon December 19, 2022 04:35 PM
    No.  That link is about Ansible controlling QRadar through API calls.  There's nothing there about using Ansible as a log source.
    Ansible does send JSON logs, but there doesn't appear to be a DSM for it.

    ------------------------------
    Dan Zerkle
    ------------------------------

    Original Message


Related Content