Posted By
Nils Günther
Mon August 31, 2020 09:00 AM
Found In
Egroup:
IBM Security QRadar
\
view thread
Dear Community, I have a log source that sends urls to QRadar. Those urls contain a query part, i.e. https://example.com/resource?id=1234. Messages are forwarded to QRadar via Syslog in CEF-Format. The equals sign has a special meaning in CEF (key-value-separator). Therefore the CEF-forwarder escapes ...
|