JDBC log source parameters for Juniper Networks AVT
If QRadar does not automatically detect the log source, add a Juniper Networks AVT log source on the QRadar Console by using the JDBC protocol.
When using the JDBC protocol, there are specific parameters that you must use.
| Parameter | Value |
|---|---|
| Log Source Type | Juniper Networks AVT |
| Protocol Configuration | JDBC |
| Database Type | Postgres |
| Database Name | profilerDb |
| IP or Hostname | The IP address or host name of the SQL server that hosts the Juniper Networks AVT database. |
| Username | Type the user name the log source can use to access the Juniper Networks AVT database. |
| Password |
Type the password the log source can use to access the Juniper Networks AVT database. The password can be up to 255 characters in length. |
| Predefined Query | From the list, select Juniper Networks AVT. |
| Use Prepared Statements | The Use Prepared Statements check box must be clear. The Juniper Networks AVT DSM does not support prepared statements. |
| Polling Interval |
Type the polling interval, which is the amount of time between queries to the view you created. The default polling interval is 10 seconds. You can define a longer polling interval by appending H for hours or M for minutes to the numeric value. The maximum polling interval is 1 week in any time format. Numeric values that are entered without an H or M poll in seconds. |
| EPS Throttle |
The maximum number of events per second that QRadar ingests. If your data source exceeds the EPS throttle, data collection is delayed. Data is still collected and then it is ingested when the data source stops exceeding the EPS throttle. The default is 20,000 EPS. |
For a complete list of JDBC parameters and their values, see c_logsource_JDBCprotocol.html.