IBM Security QRadar

  • 1.  Qradar syslog ingression size

    Posted Mon November 21, 2022 09:41 AM

    Does anyone know if QRadar can provide visibility on how much syslog is consumed on a log collector?

    We are looking for analytics to help with the specification of a network monitoring tool and want to know what size in GB of syslog our QRadar gets per day.



    ------------------------------
    Richard Harrison
    ------------------------------


  • 2.  RE: Qradar syslog ingression size

    Posted Tue November 22, 2022 05:43 AM

    You can have a look at the directories of your event collector, which has one directory per day and below that one directory per hour to store the payloads.

    # Statistics for a certain day

    du -s -h /store/ariel/events/payloads/2022/11/21/

    # Statistics for the individual hours of that day

    du -s -h /store/ariel/events/payloads/2022/11/21/*

    Regards

    Thomas

    ------------------------------
    SIEM-2020
    ------------------------------
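
Building on the `du` commands in the reply above, this added shell example (not part of the original post, and not IBM tooling) totals payload bytes per hour and per day and reports the busiest hour in GB. `PAYLOAD_ROOT` and the function names are assumptions; only the path layout comes from the post, and the figures are bytes stored under that path, which is a proxy for received syslog volume.

```shell
#!/usr/bin/env bash
# Added example: hourly and daily payload byte totals for sizing.
# Layout <root>/YYYY/MM/DD/<hour>/ is taken from the reply above;
# PAYLOAD_ROOT and the function names are assumptions of this example.
PAYLOAD_ROOT="${PAYLOAD_ROOT:-/store/ariel/events/payloads}"

# Sum the sizes in bytes of all regular files below a directory.
dir_bytes() {
    find "$1" -type f -exec wc -c {} + 2>/dev/null |
        awk '$2 != "total" { s += $1 } END { printf "%.0f\n", s }'
}

# Print "<hour> <bytes>" for each hour directory of one day (YYYY/MM/DD).
hourly_bytes() {
    local day_dir="$PAYLOAD_ROOT/$1" h
    [ -d "$day_dir" ] || { echo "no such day: $day_dir" >&2; return 1; }
    for h in "$day_dir"/*/; do
        [ -d "$h" ] || continue
        printf '%s %s\n' "$(basename "$h")" "$(dir_bytes "$h")"
    done
}

# Print the total bytes stored for one day.
day_bytes() {
    [ -d "$PAYLOAD_ROOT/$1" ] || return 1
    dir_bytes "$PAYLOAD_ROOT/$1"
}

# One-line summary: daily total and busiest hour, in GB (10^9 bytes).
day_report() {
    local rows
    rows=$(hourly_bytes "$1") || return 1
    printf '%s\n' "$rows" | awk -v day="$1" '
        { total += $2; if ($2 > max) { max = $2; peak = $1 } }
        END { printf "%s total=%.3fGB peak_hour=%s peak=%.3fGB\n",
                     day, total / 1e9, peak, max / 1e9 }'
}

# Usage: ./payload_size.sh 2022/11/21
[ "$#" -eq 0 ] || day_report "$1"
```
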



  • 3.  RE: Qradar syslog ingression size

    Posted Tue November 22, 2022 10:51 AM
    @SIEM-2020 thank you. I will try this method.

    ------------------------------
    Richard Harrison
    ------------------------------