Microsoft Hyper-V DSM integration process

You can integrate Microsoft Hyper-V DSM with IBM QRadar by using WinCollect.

Use the following procedures:

1. Download and install the DSM-MicrosoftHyperV RPM and the WinCollect RPM from the IBM® support website (http://www.ibm.com/support).
2. Install a WinCollect agent on the Hyper-V system or on another system that has a route to the Hyper-V system. You can also use an existing WinCollect agent. For more information about WinCollect, see the WinCollect documentation (https://www.ibm.com/docs/en/qsip/7.5?topic=configuring-wincollect-7) .
3. If automatic updates are not enabled, download and install the DSM RPM for Microsoft Hyper-V on your QRadar Console. RPMs need to be installed only one time.
4. For each Microsoft Hyper-V server that you want to integrate, add a log source on the QRadar Console.