Amazon AWS Elastic Kubernetes Service

The the QRadar® product data source type for Amazon AWS Elastic Kubernetes Service collects JSON formatted events from the log group of the Amazon CloudWatch logs service.
To integrate Amazon Elastic Kubernetes Service (Amazon EKS) with the QRadar product, complete the following steps:
  1. Configure Amazon Elastic Kubernetes Service (Amazon EKS) to send events to the QRadar product. For more information, see Configuring Amazon Elastic Kubernetes Service to communicate with the QRadar product.
  2. If the QRadar product does not automatically detect the data source, add an Amazon AWS Elastic Kubernetes Service data source in the QRadar product.

For more information about adding a data source in the QRadar product, see Adding ingestion data sources.

If you are an IBM® QRadar user, see Terminology changes for QRadar customers.