Configuring the Apex Local Manager
Configure the Apex Local Manager through a customer-assigned Apex Trusteer Management Application (TMA) original server.
Procedure
- Log in to the Apex TMA.
- From the left navigation menu, click the Administration accordion to expand the options available.
- Click the Apex Local Manager & SIEM Settings.
-
Click Add and complete the following steps:
- Select the option to enable this Apex Local Manager.
- Enter a unique name.
- Click Next.
-
From the SIEM/Syslog Server Settings page, provide a value for the
following parameters:
Table 1. Apex Local Manager SIEM/Syslog server setting parameters Parameter Description Type IBM Security Q-Radar SIEM (LEEF) Hostname <fqdn of the Qradar appliance> Port Default is 6514. Protocol TCP with SSL/TLS PKCS#12 Upload File Upload the local PKCS#12 file Encryption Password The password that was entered during the creation of the client authentication certificates for Apex Local Manager. CA Certificate Upload File Upload local certifcate file. For example, apex-alm-tls.cert - Click Next.
-
From the System Events Setting page, provide a value for the following
parameters:
Table 2. System events setting parameters Parameter Description Hostname <QRadar FQDN or IP Address> Port Default is 6514 Protocol Syslog with SSL/TLS PKCS#12 Upload File Upload the local PKCS#12 file. For example, alm-client-syslog.tls.p12 Encryption Password The password that was entered during the creation of the client authentication certificates for Apex Local Manager. CA Certificate Upload File Upload local certifcate file. For example, apex-alm-tls.cert - Click Finish to save the configuration.
- Select the new entry.
- Copy the Provisioning key.