IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

DSM for integrated apache logs( apache logs pulled from file forwarder)

  • 1.  DSM for integrated apache logs( apache logs pulled from file forwarder)

    Posted Sun July 04, 2021 11:03 AM

    Dear Team,

    We have integrated apache server's logs that is hosted on windows server. We have pulled the logs of apache from specific directory by using file forwarder but we could not use the DSM that is prebuilt. The DSM is only for the logs that were pulled from syslog but in our case, we need to pull logs from the windows server.

    Any help would be appreciated.



    #QRadar
    #Support
    #SupportMigration


  • 2.  RE: DSM for integrated apache logs( apache logs pulled from file forwarder)

    Posted Sun August 01, 2021 06:28 PM

    The IBM® QRadar® DSM for Apache HTTP Server accepts Apache events by using syslog or syslog-ng.

    If you are pulling the events from a Windows system, then most likely you would have to write a custom log source using DSM Editor. https://www.ibm.com/docs/en/qsip/7.4?topic=qradar-custom-log-source-types



    #QRadar
    #Support
    #SupportMigration


Related Content