JDBC log source parameters for Sophos Enterprise Console
If the Sophos Enterprise Console does not have the Sophos Reporting Interface installed, use the standard JDBC protocol to collect events in QRadar.
If QRadar does not automatically detect the log source, add a Sophos Enterprise Console log source on the QRadar Console.
When using the JDBC protocol, there are specific parameters that you must use.
The following table describes the parameters that require specific values to collect JDBC events
from Sophos Enterprise Console:
Parameter | Value |
---|---|
Log Source type | Sophos Enterprise Console |
Protocol Configuration | JDBC |
Log Source Identifier |
Type the IP address or host name for the log source as an identifier for events from your Sophos Enterprise Console devices. |
For a complete list of JDBC protocol parameters and their values, see JDBC protocol configuration options.