How to configure QRadar to ingest Splunk event logs

Question & Answer

Question

The IBM QRadar App For Splunk Data Forwarding allows you to forward events from your Splunk Deployment to QRadar. Simply enter the IP of your Splunk instance, discover what data your Splunk instance is collecting, and then point and click to start forwarding your data to QRadar, enabling more security use cases. The app works with both the universal forwarder and heavy forwarder.

This video explains how you configure QRadar SIEM to ingest event logs from a deployed Splunk instance.

Duration: 6 Minutes
Follow the link in related information to view the course on the IBM Security Learning Academy

Answer

The Security Learning Academy is a full service learning platform, providing various training objects and instruction options.

Related Information

Click here to view this course on the IBM Security Learning Academy

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version","Edition":" ","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Tips

How to configure QRadar to ingest Splunk event logs

Question & Answer

Question

Answer

Related Information

Was this topic helpful?

Document Information

UID

Share your feedback

Need support?