Epic SIEM
The IBM QRadar DSM for Epic SIEM can collect event logs from your Epic SIEM.
The following table identifies the specifications for the Epic
SIEM DSM:
Specification | Value |
---|---|
Manufacturer | Epic |
DSM name | Epic SIEM |
RPM file name | DSM-EpicSIEM-QRadar_version-build_number.noarch.rpm |
Supported versions | Epic 2014, Epic 2015, Epic 2017, Epic 2022 |
Event format | LEEF |
Recorded event types | Audit Authentication |
Automatically discovered? | Yes |
Includes identity? | Yes |
Includes custom properties? | No |
More information | Epic website |
To integrate Epic SIEM DSM with QRadar,
complete the following steps:
- If automatic updates are not enabled, download and install the most recent version of the
following RPMs from the IBM® Support Website onto your QRadar
Console:
- Epic SIEM DSM RPM
- DSMCommon RPM
- Configure your Epic SIEM device to send syslog events to QRadar.
- If QRadar
does not automatically detect the log source, add
an Epic SIEM log source on the QRadar
Console. The following table describes the parameters
that require specific values for Epic SIEM event
collection:
Table 2. Epic SIEM log source parameters Parameter Value Log Source type Epic SIEM Protocol Configuration Syslog