You can configure IBM i as the
log source, and to use the log file protocol in IBM
QRadar:
Procedure
-
To configure QRadar to
receive events from an IBM i
system, you must select the IBM i option
from the Log Source Type list when you add a log source in QRadar.
-
To configure the log file protocol for the IBM i DSM, you must select the Log
File option from the Protocol Configuration list and define the
location of your FTP server connection settings.
Note: If you are using the PowerTech Interact or LogAgent for System i® software to collect CEF formatted syslog messages, you must select the
Syslog option from the Protocol Configuration
list.
- Use the log file protocol option that you select a secure protocol for transferring
files, such as Secure File Transfer Protocol (SFTP).
What to do next
For a complete list of Log File protocol parameter options, see Log File protocol
configuration options.