Configuring IBM Security Trusteer Apex Advanced Malware Protection to send syslog events to QRadar
You can configure IBM® Security Trusteer Apex™ Advanced Malware Protection to send syslog events to IBM QRadar.
Before you begin
Install an Apex Local Manager on your Trusteer Management Application™ (TMA).
For more information about configuring your IBM Security
Trusteer Apex Advanced Malware Protection to
communicate with QRadar, see:
- IBM Security Trusteer Apex Advanced Malware Protection Local Manager - Hybrid Solution Reference Guide
- IBM Security Trusteer Apex Advanced Malware Protection Feeds Reference Guide
Note: SSL/TLS authentication is not supported.
Procedure
- Log in to Trusteer Management Application (TMA).
- Select Apex Local Manager & SIEM Settings.
- Optional: If the Apex Local Manager wizard doesn't automatically display, click Add.
- Type the name of the Apex Local Manager.
- Select the Enable check box and click Next.
- Type the server settings for QRadar and click Next.
- Optional: If you use a separate syslog server for the Apex Local Manager system events, type the settings.
- Click Finish.