IBM QRadar

Hey all, I currently have some log sources (mainly WinCollect types) in Error in my qradar deployement, but what I don't understand is why I'm receiving the system heartbeats events and not the receiving log events. Does anyone have an idea what's the problem? 

Thanks in advance for your feedbacks.

------------------------------
Essotassim LANGUIE
------------------------------

Hi Essotassim,

wincollect has some dependencies to check. Your description has no details about which versions and configurations you're running. Depending on this, different ports and options come into play... without details difficult to assess. But here is a helpful link to start, maybe you are already aware of:

https://www.ibm.com/community/101/qradar/wincollect/

This will support you with many details to check.

Regards,

Ralph

------------------------------
Ralph Belfiore
Managing Consultant | Senior SIEM Expert
connecT SYSTEMHAUS AG
Siegen
+491726365525
------------------------------

Original Message:
Sent: Thu July 25, 2024 06:41 AM
From: Essotassim LANGUIE
Subject: Log sources Error: Troubleshooting

Hey all, I currently have some log sources (mainly WinCollect types) in Error in my qradar deployement, but what I don't understand is why I'm receiving the system heartbeats events and not the receiving log events. Does anyone have an idea what's the problem? 

Thanks in advance for your feedbacks.

------------------------------
Essotassim LANGUIE
------------------------------