Hi QRadar Community!
I’m here today to talk about exciting updates to our – IBM Security QRadar and Cloudflare Integration.
While IBM and Cloudflare have partnered together for a while to support our joint customers and provide them maximum visibility in a single pane of glass, we have updated our integration and I’m excited to share the details.
Cloudflare’s diverse suite of security and performance products helps protect web-based applications by acting as a reverse-proxy and scanning requests directed to it and look for malicious content. With our QRadar / Cloudflare integration, our mutual customers can ingest Cloudflare data into QRadar for correlation and investigation.
We’re delighted to announce that we have enhanced our Cloudflare integration, to support QRadar customers to ingest Cloudflare logs directly from Cloudflare using our HTTP Receiver Protocol. Additionally meaning, we’ll also continue to support customers who are leveraging existing integration via S3 storage.
This update means that when configuring a QRadar/Cloudflare integrations users have the option to use our Cloudflare Device Support Module with either the (1) HTTP Receiver Protocol or (2) Amazon AWS S3 Rest API Protocol.
Please see below for a schematic of the integration options.
More information about how to integrate using this DSM and the configuration steps can be found here in the DSM Guide : https://www.ibm.com/docs/en/dsm?topic=configuration-cloudflare-logs
Huge shout out to the IBM QRadar Integrations Development Team and Charlie Ma for leading this effort and big thanks to our colleagues at Cloudflare for the support.
Please try this integration and let us know what you think! For any questions, please reach out on firstname.lastname@example.org
Product Manager, IBM Security QRadar