JDBC log source parameters for Sophos Enterprise Console

If the Sophos Enterprise Console does not have the Sophos Reporting Interface installed, use the standard JDBC protocol to collect events in QRadar.

If QRadar does not automatically detect the log source, add a Sophos Enterprise Console log source on the QRadar Console.

When using the JDBC protocol, there are specific parameters that you must use.

The following table describes the parameters that require specific values to collect JDBC events from Sophos Enterprise Console:
Table 1. JDBC log source parameters for the Sophos Enterprise Console DSM
Parameter Value
Log Source type Sophos Enterprise Console
Protocol Configuration JDBC
Log Source Identifier

Type the IP address or host name for the log source as an identifier for events from your Sophos Enterprise Console devices.

For a complete list of JDBC protocol parameters and their values, see JDBC protocol configuration options.