AhnLab Policy Center

The IBM QRadar DSM for AhnLab Policy Center retrieves events from the DB2® database that AhnLab Policy Center uses to store their log.

The following table identifies the specifications for the AhnLab Policy Center DSM:
Table 1. AhnLab Policy Center DSM specifications
Specification Value
Manufacturer AhnLab
DSM AhnLab Policy Center
RPM file names DSM-AhnLabPolicyCenter-QRadar-Release_Build-Number.noarch.rpm
Supported versions 4.0
Protocol AhnLabPolicyCenterJdbc
QRadar recorded events Spyware detection, Virus detection, Audit
Automatically discovered? No
Includes identity Yes
More information Ahnlab website (https://global.ahnlab.com/)
To integrate AhnLab Policy Center DSM with QRadar, complete the following steps:
  1. Download and install the most recent version of the following RPMs from the IBM® Support Website onto your QRadar Console:
    • JDBC protocol RPM
    • AhnLabPolicyCenterJdbc protocol RPM
    • AhnLab Policy Center RPM
    Tip: For more information, see your DB2 documentation.
  2. Ensure that your AhnLab Policy Center system meets the following criteria:
    • The DB2 Database allows connections from QRadar.
    • The port for AhnLabPolicyCenterJdbc Protocol matches the listener port of the DB2 Database.
    • Incoming TCP connections on the DB2 Database are enabled to communicate with QRadar.
  3. For each AhnLab Policy Center server you want to integrate, create a log source on the QRadar Console. The following table identifies Ahnlab-specific protocol values:
    Parameter Value
    Log Source Type AhnLab Policy Center APC
    Protocol Configuration AhnLabPolicyCenterJdbc
    Access credentials Use the access credentials of the DB2 server.
    Log Source Language If you use QRadar v7.2 or later, you must select a log source language.