Benjamin
I suggested Scanner as it is the easiest way to fill in the OS info, e.g. using nmap. As many orgs have CMDB info available the alternative is to import this info from there using the API. Using python for that purpose we made good experience.
BR Karl
------------------------------
[Karl] [Jaeger] [Business Partner]
[QRadar Specialist]
[pro4bizz]
[Karlsruhe] [Germany]
[4972190981722]
------------------------------
Original Message:
Sent: Mon September 11, 2023 12:21 PM
From: Benjamin Yabre
Subject: Qradar Asset profile
Hi Karl,
thanks for your reply.
it means that without securit scanner report there is no way of getting those information in the asset DB ?
thanks
------------------------------
Benjamin Yabre
Original Message:
Sent: Mon September 11, 2023 05:03 AM
From: Karl Jaeger
Subject: Qradar Asset profile
Benjamin,
when your logs contain OS info, you can extract that into a customfield "myserveros" and add it to your loc activity search. The OS information in the asset db is put in by vis service which takes security scanner report information from nessus and other tools and syncs those information with asset database.
BR
Karl
------------------------------
[Karl] [Jaeger] [Business Partner]
[QRadar Specialist]
[pro4bizz]
[Karlsruhe] [Germany]
[4972190981722]
Original Message:
Sent: Thu September 07, 2023 01:16 PM
From: Benjamin Yabre
Subject: Qradar Asset profile
Hi,
my asset profil operating system field is not filled while the logs contains the operating system of the asset.
I would like to know the way of automatically updating the asset profile.
Thanks
------------------------------
Benjamin Yabre
------------------------------