IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Anyone pulling logs from Grafana into Qradar On-prem?

    Posted Wed February 12, 2025 05:31 PM

    Hello Community

    wondering if anyone here is pulling logs from Grafana into Qradar? One way i can think of is using "Universal Cloud REST API connector", If so, how is this going? 



    ------------------------------
    QRD
    ------------------------------


  • 2.  RE: Anyone pulling logs from Grafana into Qradar On-prem?

    Posted Thu March 13, 2025 07:25 AM

    Hi

    If you got your own Grafana install all you need is a custom DSM,. Pls check my recent entry at https://community.ibm.com/community/user/security/discussion/connecting-graylog-to-ibm-qradar#bm9b2ce6b7-05c3-4724-9503-01958af940aa 

    Universal Cloud REST API Connector will only help help you, if you are using the cloud version and have come up with a design to talk to the REST API in Grafana. However AFAIK Rest API is not longer supported see https://grafana.com/search/?term=REST+API&type=doc



    ------------------------------
    [Karl] [Jaeger] [#ibmchampion]
    [QRadar Specialist]
    [cnag]
    [Siegen] [Germany]
    ------------------------------

    Original Message


  • 3.  RE: Anyone pulling logs from Grafana into Qradar On-prem?

    Posted 15 days ago

    Late reply, but depending on your configuration with Grafana, you can log to the FS and then set up syslog forwarding to QRadar.



    ------------------------------
    Olivia Mativi
    ------------------------------

    Original Message


Related Content