IBM Support

QRadar: Using the command line to troubleshoot a Syslog event source

Question & Answer


Question

I forwarded my Syslog events to QRadar, but I do not see any events on the Log Activity tab. How can I use the command line to troubleshoot event issues?

[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwsyAAA","label":"Admin Tasks"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.3.3;7.4.3;7.5.0"}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

More support for:
IBM Security QRadar SIEM

Component:
Admin Tasks

Software version:
7.3.3, 7.4.3, 7.5.0

Operating system(s):
Linux

Document number:
512135

Modified date:
18 August 2023

UID

swg21674902

Manage My Notification Subscriptions