Configuring IBM Security Trusteer Apex Advanced Malware Protection to send TLS Syslog events to QRadar

You can configure IBM® Security Trusteer Apex Advanced Malware Protection to send syslog events through secure socket layer (SSL) or transport layer security (TLS) to IBM QRadar.

Complete the following steps to establish a secure channel for transmitting logs between Apex Trusteer® and QRadar:
  1. Create TLS/SSL Server Certificates and private key.
  2. Create Client Authentication certificates in a PKCS#12 container for Apex Local Manager.
  3. Configure the QRadar® log source for IBM Security Trusteer Apex Advanced Malware Protection.
  4. Configure the Apex Local Manager(ALM).