Message Image

Log in

Skip to main content (Press Enter).

Skip auxiliary navigation (Press Enter).

IBM Security Join our 16,000+ members as we work together to overcome the toughest challenges of cybersecurity. Join the Community

Skip main navigation (Press Enter).

IBM Security Z Security

View Only

Expand all | Collapse all

Send data from zSecure to Splunk

Gabriel Vicoso AmaralWed September 15, 2021 12:16 PM

Hello, my friends! Days ago I received a question of a customer asking: 1- It's possible to send data ...

Rob van HobokenThu September 16, 2021 04:14 AM

Hi Gabriel See Eugenio's question . You can find the installation process in the Installation and ...

1. Send data from zSecure to Splunk

0 Like
Gabriel Vicoso Amaral
Posted Wed September 15, 2021 12:16 PM
Edited by Gabriel Vicoso Amaral Wed September 15, 2021 12:25 PM

Reply
Hello, my friends!

Days ago I received a question of a customer asking:

1- It's possible to send data from zSecure to Splunk?

2- How we can do it?

I'm not sure of how can I do it, someone please can help me with these questions?

Thanks! Regards.

------------------------------
Gabriel Viçoso Amaral
IBM Technology Sales
------------------------------
2. RE: Send data from zSecure to Splunk

0 Like
IBM Champion

Rob van Hoboken
Posted Thu September 16, 2021 04:14 AM
Edited by Rob van Hoboken Thu September 16, 2021 04:14 AM

Reply
Hi Gabriel
See Eugenio's question. You can find the installation process in the Installation and Deployment manual, just read QRadar to imply Splunk. The QRadar feed generates Log Event Enhanced Format (LEEF), and Splunk knows very well how to process LEEF messages.

You can also send SYSLOG formatted messages to Splunk from zSecure Alert. Note, these are RFC 3164 and not LEEF formatted. See the zSecure Alert manual.

------------------------------
Rob van Hoboken
------------------------------

Powered by Higher Logic