Exabeam
The IBM QRadar DSM for Exabeam collects events from an Exabeam device.
The following table describes the specifications for the Exabeam
DSM:
Specification | Value |
---|---|
Manufacturer | Exabeam |
DSM name | Exabeam |
RPM file name | DSM-ExabeamExabeam-QRadar_version-build_number.noarch.rpm |
Supported versions | 1.7 and v2.0 |
Recorded event types | Critical Anomalous |
Automatically discovered? | Yes |
Includes identity? | No |
Includes custom properties? | No |
More information | Exabeam website (http://www.exabeam.com) |
To integrate Exabeam with QRadar,
complete the following steps:
- If automatic updates are not enabled, download and install the most recent version of the Exabeam DSM RPM from the IBM® Support Website onto your QRadar Console:
- Configure your Exabeam device to send syslog events to QRadar.
- If QRadar
does not automatically detect the log source, add
an Exabeam log source on the QRadar
Console. The following table describes the parameters
that require specific values for Exabeam event
collection:
Table 2. Exabeam log source parameters Parameter Value Log Source type Exabeam Protocol Configuration Syslog