IBM Security QRadar

 View Only
  • 1.  Cisco ISE 2.7 and QRadar 7.4.2

    Posted Tue January 12, 2021 09:08 AM
    Dear all.
    There is a new field added to the Cisco Identity service engine log source called "Source Name Formatting String". Unfortunately there is no much information about it on the DSM guide. Any inputs would be highly appreciated 

    T&R


    ------------------------------
    Arjun Kumar Network & Security Engineer
    ------------------------------


  • 2.  RE: Cisco ISE 2.7 and QRadar 7.4.2

    Posted Wed January 13, 2021 09:17 AM
    Hi Arjun,

    Please see the documentation for the UDP Multiline Syslog protocol, it describes this parameter: https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/c_logsource_UDPmultiprotocol.html

    Cheers
    Colin

    ------------------------------
    COLIN HAY
    IBM Security
    ------------------------------



  • 3.  RE: Cisco ISE 2.7 and QRadar 7.4.2

    Posted Thu January 14, 2021 01:21 AM
    Dear Colin
    Thank you for your response and I also found this link from Qradar 101 for reference 

    QRadar: Troubleshooting Guide for Cisco Identity Services Engine Log Source via UDP Multiline Syslog Protocol (ibm.com)

    T&R
    Arjun Kumar

    ------------------------------
    Arjun Kumar Network & Security Engineer
    ------------------------------