Microsoft Azure Monitor Agent Linux
The IBM
QRadar DSM
for Microsoft Azure Monitor Agent (AMA) Linux® parses messages and events that are generated by various
components within the Linux operating system and
applications.
To integrate Microsoft Azure Monitor Agent (AMA) Linux with QRadar, complete the
following steps:
- If automatic updates are not enabled, RPMs are available for download from the IBM® support website. Download and install the most recent version of the following RPMs
on your QRadar® Console.
- MicrosoftAzureMonitorAgentLinux DSM RPM
- Configure the Microsoft Azure Monitor Agent Linux server Logs to send events to QRadar. For more information see, Microsoft Azure Event Hubs protocol configuration options.