Configuring the Apex Local Manager

Configure the Apex Local Manager through a customer-assigned Apex Trusteer Management Application (TMA) original server.

Procedure

  1. Log in to the Apex TMA.
  2. From the left navigation menu, click the Administration accordion to expand the options available.
  3. Click the Apex Local Manager & SIEM Settings.
  4. Click Add and complete the following steps:
    1. Select the option to enable this Apex Local Manager.
    2. Enter a unique name.
  5. Click Next.
  6. From the SIEM/Syslog Server Settings page, provide a value for the following parameters:
    Table 1. Apex Local Manager SIEM/Syslog server setting parameters
    Parameter Description
    Type IBM Security Q-Radar SIEM (LEEF)
    Hostname <fqdn of the Qradar appliance>
    Port Default is 6514.
    Protocol TCP with SSL/TLS
    PKCS#12 Upload File Upload the local PKCS#12 file
    Encryption Password The password that was entered during the creation of the client authentication certificates for Apex Local Manager.
    CA Certificate Upload File Upload local certifcate file. For example, apex-alm-tls.cert
  7. Click Next.
  8. From the System Events Setting page, provide a value for the following parameters:
    Table 2. System events setting parameters
    Parameter Description
    Hostname <QRadar FQDN or IP Address>
    Port Default is 6514
    Protocol Syslog with SSL/TLS
    PKCS#12 Upload File Upload the local PKCS#12 file. For example, alm-client-syslog.tls.p12
    Encryption Password The password that was entered during the creation of the client authentication certificates for Apex Local Manager.
    CA Certificate Upload File Upload local certifcate file. For example, apex-alm-tls.cert
  9. Click Finish to save the configuration.
  10. Select the new entry.
  11. Copy the Provisioning key.

What to do next

See "Configuring the ALM instance"