Microsoft Azure Monitor Agent Linux

The IBM QRadar DSM for Microsoft Azure Monitor Agent (AMA) Linux® parses messages and events that are generated by various components within the Linux operating system and applications.
To integrate Microsoft Azure Monitor Agent (AMA) Linux with QRadar, complete the following steps:
  1. If automatic updates are not enabled, RPMs are available for download from the IBM® support website. Download and install the most recent version of the following RPMs on your QRadar® Console.
    • MicrosoftAzureMonitorAgentLinux DSM RPM
  2. Configure the Microsoft Azure Monitor Agent Linux server Logs to send events to QRadar. For more information see, Microsoft Azure Event Hubs protocol configuration options.