VMware vCloud Director protocol configuration options

To collect events from VMware vCloud Director virtual environments, create a log source that uses the VMware vCloud Director protocol, which is an active outbound protocol.

The following table describes the protocol-specific parameters for the VMware vCloud Director protocol:

Table 1. VMware vCloud Director protocol parameters
Parameter	Description
Log Source Identifier	The log source name can't include spaces and must be unique among all log sources of this type that are configured with the VMware vCloud Director protocol.
Protocol Configuration	VMware vCloud Director
vCloud URL	The URL that is configured on your VMware vCloud appliance to access the REST API. The URL must match the address that is configured as the VCD public REST API base URL field on the vCloud server. For example, `https://<my.vcloud.server>/api`
User Name	The username that is required to remotely access the vCloud server. For example, `console/user@organization` If you want to configure a read-only account to use with IBM QRadar, create a vCloud user in your organization that has the Console Access Only permission.
Password	The password that is required to remotely access the vCloud Server.
Polling Interval (in seconds)	The amount of time between queries to the vCloud server for new events. The default polling interval is 10 seconds.
EPS Throttle	The maximum number of events per second that QRadar ingests. If your data source exceeds the EPS throttle, data collection is delayed. Data is still collected and then it is ingested when the data source stops exceeding the EPS throttle. The default is 5000.
Enable Advanced Options	Enable this option to configure more parameters.
API PageSize	The number of records to return per API call. The maximum is 128. If you select Enable Advanced Options, this parameter is displayed.
vCloud API Version	The vCloud version that is used in your API request. This version must match a version that is compatible with your vCloud installation. Use the following examples to help you determine which version is compatible with your vCloud installation: vCloud API 33.0 (vCloud Director 10.0) vCloud API 32.0 (vCloud Director 9.7) vCloud API 31.0 (vCloud Director 9.5) vCloud API 30.0 (vCloud Director 9.1) vCloud API 29.0 (vCloud Director 9.0) If you select Enable Advanced Options, this parameter is displayed.
Allow Untrusted Certificates	When you connect to vCloud 5.1 or later, you must enable this option to allow self-signed, untrusted certificates. The certificate must be downloaded in PEM or DER encoded binary format and then placed in the /opt/qradar/conf/trusted_certificates/ directory with a .cert or .crt file extension. If you select Enable Advanced Options, this parameter is displayed.
Use Proxy	If the server is accessed by using a proxy, select the Use Proxy checkbox. If the proxy requires authentication, configure the Proxy Server, Proxy Port, Proxy username, and Proxy Password fields. If the proxy does not require authentication, configure the Proxy IP or Hostname field. If you select Enable Advanced Options, this parameter is displayed.
Proxy IP or Hostname	If you select Use Proxy, this parameter is displayed.
Proxy Port	If you select Use Proxy, this parameter is displayed. The port number that is used to communicate with the proxy. The default is 8080.
Proxy Username	If you select Use Proxy, this parameter is displayed.
Proxy Password	If you select Use Proxy, this parameter is displayed.