IBM Guardium

IBM Guardium

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Logs forwarding to SIEM through Audit Process

    Posted Thu February 17, 2022 07:45 AM
    Hi Everyone,

    Please see below screenshot and find my collectors status.
    Its because all logs are being forwarded immediately to SIEM Device.
    In order to reduce below issues, need to schedule the Audit process to forward the logs.

    Can anyone send screenshots how to forward logs to SIEM through Audit process periodically?



    Thanks,
    Panendar Rao.C

    ------------------------------
    PHANENDRA RAO CHAVANA
    ------------------------------


  • 2.  RE: Logs forwarding to SIEM through Audit Process

    Posted Thu February 17, 2022 11:16 PM
    HI everyone,

    Please reply, Very urgent for me.

    Thanks.
    Panendar Rao.C

    ------------------------------
    PHANENDRA RAO CHAVANA
    ------------------------------

    Original Message


  • 3.  RE: Logs forwarding to SIEM through Audit Process

    Posted Fri February 18, 2022 04:14 AM
    Hello PHANENDRA,

    Please try to go through below Doc related SIEM Config - May be this can help you a bit. thanks. 

    https://www.ibm.com/docs/en/guardium/11.1?topic=pi-combining-real-time-alerts-correlation-analysis-siem-products




  • 4.  RE: Logs forwarding to SIEM through Audit Process

    Posted Wed February 23, 2022 12:55 AM
    It depends on the stage you are auto-forwarding the logs to SIEM. One of the significant advantages of Guardium is the Risk Spotter, ATA and the predefined reports and audit-processes. These processes are based on Data Security best practice and deep knowledge.



    Original Message