IBM Security QRadar

  • 1.  RHEL, QRADAR and Proxy Server

    Posted Mon March 18, 2019 07:15 PM
    Hello,

    What files need to be configured to allow for unauthenticated proxy server set for third party API (Mimecast) to connect to eu-api.mimecast.com?

    I have currently set /etc/httpd/conf.d/ssl.conf and  /opt/qradar/dca/server.ini as outlined in this KB IBM QRadar: X-Force Frequently Asked Questions (FAQ) - Updated - United States

    Extract from QRADAR Log

    Unexpected exception raise while testing connection: Unexcepted error connecting to API.

    Exception: HTTPSConnectionPool(host='eu-api.mimecast.com', port=443): Max retries exceeded with url: /api/audit/get-siem-logs (Caused by ConnectTimeoutError(<requests.packages.urllib3.connection.VerifiedHTTPSConnection object at 0x3398f50>, 'Connection to eu-api.mimecast.com timed out. (connect timeout=30.0)'))



    Thank you.






    ------------------------------
    Shjajad Ashraf
    ------------------------------


  • 2.  RE: RHEL, QRADAR and Proxy Server

    Posted Wed March 27, 2019 10:36 AM

    Shjajad,

    I was just writing up an article around this issue, but you did not mention your QRadar version. This is typically something we'd try to resolve via the QRadar Support forums (https://ibm.biz/qradarforums), but if you are on QRadar 7.3.2, see this article: QRadar 7.3.2: How to tune proxy configurations for app containers.

    If you are on QRadar 7.3.2, the issue, as described in the article I mentioned above, is that apps in QRadar 7.3.2 can inherit the proxy configuration from the Console config, which can replace the proxy config for the app itself and prevent the app container from reaching out to an external data source.


    If you are on QRadar 7.3.1, using IPv6 in your network, or having app issues related to the QRadar proxy, you might consider opening a case on this issue here: https://ibm.com/mysupport.  

    Hope this helps, let me know if you have further questions or concerns. The best place to get quick answers for these types of issues is the QRadar Support forums or opening a case. We keep a closer eye on the support forums, you can find those here: https://ibm.biz/qradarforums



    ------------------------------
    Jonathan Pechta
    QRadar Support Content Lead
    Support forums: ibm.biz/qradarforums
    jonathan.pechta1@ibm.com
    ------------------------------



  • 3.  RE: RHEL, QRADAR and Proxy Server

    Posted Mon April 08, 2019 11:03 AM
    Extract of reply sent to Jonathan inadvertently...

    Hello Jonathan,

    Thank you for the reply.

    I went through your article, although the steps to get to the diagnosis were different - having determined the app id, issue /opt/qradar/support/qapp_utils_730.py connect xxxx, where xxxx = app id.

    We have version 7.3.1 and do not have an IPv6 network.

    I don't see any errors being listed in the API logs and we have also set up explicit firewall rules to allow access to the two HTTPS sites.  However, I am still not having any success in connecting to the destination site to pull Mimecast logs down.

    Any further thoughts please?

    Thank you.

    ------------------------------
    Shjajad Ashraf
    ------------------------------



  • 4.  RE: RHEL, QRADAR and Proxy Server

    Posted Tue April 09, 2019 06:07 AM
    Another point to mention is that I'm not seeing any outbound packets to the destination aside from DNS lookups between QRADAR and our DNS box.  Nothing else is captured through tcpdump.

    Regards,
    Saj

    ------------------------------
    Shjajad Ashraf
    ------------------------------
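
The symptom in posts 1 and 4 (a `ConnectTimeoutError` from the app's HTTPS call, while tcpdump on the host shows only DNS traffic) can be narrowed down by testing the three stages of the call separately: which proxy, if any, the process would use; whether the name resolves; and whether a plain TCP connect to the proxy (or, with no proxy, to the API host) ever completes. The script below is an added example written for this thread; it is not code from the original posts, from IBM or from Mimecast. It assumes proxy settings arrive through the conventional `https_proxy` / `http_proxy` / `no_proxy` environment variables (the thread does not show the contents of QRadar's own proxy files, so those are not modelled), and the proxy host name and port in the sample environment are constructed.

```python
"""Stage-by-stage connectivity check for an outbound HTTPS API call.

Constructed example for the thread above. Splits the call into proxy
selection, name resolution and TCP connect so that the failing stage
can be named instead of only seeing "Max retries exceeded".
"""
import socket
from urllib.parse import urlsplit


def proxy_for(url, env):
    """Return (host, port) of the proxy `url` would be sent through under
    the settings in `env` (a dict shaped like os.environ), or None when the
    connection should go direct. Mirrors the usual *_proxy / no_proxy rules."""
    parts = urlsplit(url)
    host = parts.hostname or ""
    no_proxy = env.get("no_proxy") or env.get("NO_PROXY") or ""
    for pattern in (p.strip().lower() for p in no_proxy.split(",")):
        if not pattern:
            continue
        bare = pattern.lstrip(".")
        if pattern == "*" or host == bare or host.endswith("." + bare):
            return None  # host is excluded from proxying
    key = parts.scheme.lower() + "_proxy"
    proxy = env.get(key) or env.get(key.upper())
    if not proxy:
        return None
    if "://" not in proxy:
        proxy = "http://" + proxy  # bare host:port is common in these variables
    p = urlsplit(proxy)
    return p.hostname, (p.port or 80)  # port 80 assumed when none is given


def classify(exc):
    """Map a socket-level exception to the stage it points at."""
    if isinstance(exc, socket.gaierror):
        return "dns"          # name resolution failed
    if isinstance(exc, (socket.timeout, TimeoutError)):
        return "timeout"      # SYN sent (or dropped locally), nothing came back
    if isinstance(exc, ConnectionRefusedError):
        return "refused"      # peer reachable, nothing listening on that port
    if isinstance(exc, OSError):
        return "unreachable"  # routing or interface error
    return "other"


def resolve(host):
    """'ok' if `host` resolves, otherwise the classified failure."""
    try:
        socket.getaddrinfo(host, None)
        return "ok"
    except socket.gaierror as exc:
        return classify(exc)


def tcp_connect(host, port, timeout=5.0):
    """Plain TCP connect with a bounded timeout; 'ok' or the classified failure."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "ok"
    except Exception as exc:  # every failure is classified, not re-raised
        return classify(exc)


def diagnose(url, env, timeout=5.0):
    """Run the stages in order and return a report dict.

    With a proxy configured, the process only ever needs to reach the proxy;
    the proxy resolves and connects to the API host. Without one, the process
    must reach the API host itself."""
    parts = urlsplit(url)
    target_port = parts.port or (443 if parts.scheme == "https" else 80)
    proxy = proxy_for(url, env)
    peer = proxy if proxy else (parts.hostname, target_port)
    report = {"url": url, "via_proxy": proxy, "peer": peer}
    report["resolve"] = resolve(peer[0])
    if report["resolve"] == "ok":
        report["connect"] = tcp_connect(peer[0], peer[1], timeout)
    else:
        report["connect"] = "skipped"
    return report


if __name__ == "__main__":
    # Constructed environment: proxy host and port are placeholders.
    sample_env = {
        "https_proxy": "http://proxy.example.internal:3128",
        "no_proxy": "localhost,127.0.0.1,.example.internal",
    }
    print(diagnose("https://eu-api.mimecast.com/api/audit/get-siem-logs",
                   sample_env, timeout=3.0))
```

Run it once on the host and once inside the app container (with that container's environment) and compare the `via_proxy` entries: a difference is the inheritance problem post 2 describes. If `resolve` is `ok` but `connect` is `timeout` and tcpdump shows no SYN leaving the box at all, the packet is being dropped on the host itself (local firewall or policy) rather than somewhere upstream; if the SYN does appear on the wire, the drop is beyond the host and the next place to look is the perimeter firewall or the proxy.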