IBM Manage Virtual Server sample event message

Use the following sample event messages to verify a successful integration with IBM QRadar.

Sample event message 1

In the following sample event message, the event indicates the IBM® Manage Virtual Server with source IP.

May 2 03:15:26 ibm.managevirtualserver LEEF:2.0|IBMQRadarMvs|IBM Manage Virtual Server|1.0|
Asset|src=10.0.0.1  devTimeFormat=yyyy-MM-dd'T'HH:mm:ss.SSSX    
devTime=2024-05-02T03:15:26.250-03  cat=MVS Asset Creation
Table 1. Highlighted values in the IBM Manage Virtual Server: sample event message 1
QRadar field name Highlighted payload field name
Event ID Asset
Source IP src
Device Time devTime

Sample event message 2

In the following sample event message, the event indicates the IBM Manage Virtual Server with source IP and Source MAC.

May 2 03:15:26 ibm.managevirtualserver LEEF:2.0|IBMQRadarMvs|IBM Manage Virtual Server|1.0|
Asset|src=10.0.0.1  srcMAC=macadr    devTimeFormat=yyyy-MM-dd'T'HH:mm:ss.SSSX    
devTime=2024-05-02T03:15:26.299-03  cat=MVS Asset Creation
Table 2. Highlighted values in the IBM Manage Virtual Server: sample event message 2
QRadar field name Highlighted payload field name
Event ID Asset
Source IP src
Device Time devTime
Source MAC srcMac

Sample event message 3

In the following sample event message, the event indicates the IBM Manage Virtual Server with source IP, Source MAC, and User name.

May 2 03:15:26 ibm.managevirtualserver LEEF:2.0|IBMQRadarMvs|
IBM Manage Virtual Server|1.0|Asset|src=10.0.0.1 usrName=admin2  srcMAC= macadr    
devTimeFormat=yyyy-MM-dd'T'HH:mm:ss.SSSX    devTime=2024-05-02T03:15:26.300-03  cat=MVS Asset Creation
Table 3. Highlighted values in the IBM Manage Virtual Server: sample event message 3
QRadar field name Highlighted payload field name
Event ID Asset
Source IP src
Device Time devTime
Source MAC srcMac
User Name usrName

Sample event message 4

In the following sample event message, the event indicates the IBM Manage Virtual Server with source IP, Source MAC, Host name and User name.

May 2 03:15:26 ibm.managevirtualserver LEEF:2.0|IBMQRadarMvs|
IBM Manage Virtual Server|1.0|Asset|src=10.0.0.1    usrName=admin3  hostName=hoastname3 srcMAC= macadr    
devTimeFormat=yyyy-MM-dd'T'HH:mm:ss.SSSX    devTime=2024-05-02T03:15:26.301-03  cat=MVS Asset Creation
Table 4. Highlighted values in the IBM Manage Virtual Server: sample event message 4
QRadar field name Highlighted payload field name
Event ID Asset
Source IP src
Device Time devTime
Source MAC srcMac
User Name usrName
Host Name hostName