IBM Informix Audit
The IBM® Informix®® Audit DSM allows IBM QRadar to integrate IBM Informix audit logs into QRadar for analysis.
QRadar retrieves the IBM Informix archived audit log files from a remote host using the log file protocol configuration. QRadar records all configured IBM Informix Audit events.
When configuring your IBM Informix to use the log file protocol, make sure the host name or IP address configured in the IBM Informix is the same as configured in the Remote Host parameter in the log file protocol configuration.
You are now ready to configure the log source and protocol in QRadar:
-
To configure QRadar to receive events from an IBM Informix device, you must select the IBM Informix Audit option from the Log Source Type list.
-
To configure the log file protocol, you must select the Log File option from the Protocol Configuration list.
Use a secure protocol for transferring files, such as Secure File Transfer Protocol (SFTP).