IBM Security QRadar

Expand all | Collapse all

Cisco ISE 2.7 and QRadar 7.4.2

  • 1.  Cisco ISE 2.7 and QRadar 7.4.2

    Posted 7 days ago
    Dear all.
    There is a new field added to the Cisco Identity service engine log source called "Source Name Formatting String". Unfortunately there is no much information about it on the DSM guide. Any inputs would be highly appreciated 

    T&R


    ------------------------------
    Arjun Kumar Network & Security Engineer
    ------------------------------


  • 2.  RE: Cisco ISE 2.7 and QRadar 7.4.2

    Posted 6 days ago
    Hi Arjun,

    Please see the documentation for the UDP Multiline Syslog protocol, it describes this parameter: https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/c_logsource_UDPmultiprotocol.html

    Cheers
    Colin

    ------------------------------
    COLIN HAY
    IBM Security
    ------------------------------



  • 3.  RE: Cisco ISE 2.7 and QRadar 7.4.2

    Posted 6 days ago
    Dear Colin
    Thank you for your response and I also found this link from Qradar 101 for reference 

    QRadar: Troubleshooting Guide for Cisco Identity Services Engine Log Source via UDP Multiline Syslog Protocol (ibm.com)

    T&R
    Arjun Kumar

    ------------------------------
    Arjun Kumar Network & Security Engineer
    ------------------------------