IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  ingest a db table into qradar

    Posted Tue November 07, 2023 09:34 AM

    Hi,

    I have a database tables that I would like to ingest into qradar, is there a way of doing a query to get thoses informations ingested to qradar ?

    I am still looking because thoses tables are not stored anywhere and the only way to get them is to make a query to collecte thoses informations.

    Thanks



    ------------------------------
    Benjamin Yabre
    ------------------------------


  • 2.  RE: ingest a db table into qradar
    Best Answer

    Posted Tue November 07, 2023 12:30 PM
    Edited by Benjamin Yabre Wed November 08, 2023 10:01 AM

    You can use the JDBC protocol in QRadar to access most databases types, such as MySQL, Postgres, MSDE, etc. You can either point to a table  in the protocol or do something like create a materialized view, then poll that information for QRadar if there is specific data you want to get in to QRadar instead of pointing to an individual table. For more information on the JDBC protocol, see https://www.ibm.com/docs/en/dsm?topic=labs-jdbc-protocol-configuration-options " target="_blank" rel="noopener">JDBC protocol configuration options.



    ------------------------------
    Jonathan Pechta
    QRadar Support Content Lead
    Support forums: ibm.biz/qradarforums
    jonathan.pechta1@ibm.com
    ------------------------------

    Original Message


  • 3.  RE: ingest a db table into qradar

    Posted Wed November 08, 2023 10:03 AM

    Hi Jonathan,

    Thanks for your answer.

    Cordialy,



    ------------------------------
    Benjamin Yabre
    ------------------------------

    Original Message


Related Content