Configuring Vectra Networks Vectra to communicate with QRadar

To collect Vectra Networks Vectra events, configure the QRadar syslog daemon listener.

Before you begin

Important: The IBM QRadar DSM for Vectra Networks Vectra is deprecated.

To continue taking advantage of this integration, please download the Vectra Networks Vectra DSM from the IBM Security App Exchange website (https://exchange.xforce.ibmcloud.com/hub/extension/47f3e9afff5e0281d6684bb633d769f2).

Procedure

Log in to the Vectra web console.
Click settings > Notifications.
In the Syslog section, click Edit.
Configure the following QRadar syslog daemon listener parameters:

Option Description

Destination The QRadar Event Collector IP address.

Port 514

Protocol UDP

Format CEF

Option	Description
Destination	The QRadar Event Collector IP address.
Port	514
Protocol	UDP
Format	CEF