To collect Microsoft SQL Server LOGbinder events, you must configure your LOGbinder SQL
system to send events to IBM
QRadar.
Before you begin
Configure LOGbinder SQL to collect events from your Microsoft SQL Server. For more
information, see your LOGbinder SQL documentation.
Procedure
-
Open the LOGbinder SQL Control Panel.
-
Double-click Output in the Configure pane.
- Choose one of the following options:
- Configure for Syslog-Generic output:
- In the Outputs pane, double-click Syslog-Generic.
- Select the Send output to Syslog-Generic check box, and then enter the IP address and port of your QRadar Console or Event Collector.
- Configure for Syslog-LEEF output:
- In the Outputs pane, double-click Syslog-LEEF.
- Select the Send output to Syslog-LEEF check box, and then enter the IP address and port of your QRadar Console or Event Collector.
-
Click OK.
-
To restart the LOGbinder service, click the Restart
icon.