This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Qradar log forwarding with Extreme NAC

Qradar log forwarding with Extreme NAC

Jithishkk
New Contributor

‎07-17-2023 08:28 AM

Hello Team,

We are trying to forward the logs received in Extreme NAC to Qradar. We have added in the Qradar IP and port details.

We are receiving only header information from the Extreme NAC.

1. Any addition configuration required?

2. What is the Syslog format shared by Extreme NAC to Qradar.

Note : Qradar is receiving logs in LEEF format. 

 

 

0 Kudos
2 REPLIES 2

Jithishkk
New Contributor

‎07-17-2023 08:29 AM

To add , Qradar is expecting the logs in LEEF format.

0 Kudos

Adam_Minowski
Extreme Employee
In response to Jithishkk

‎07-25-2023 05:16 AM - edited ‎07-25-2023 05:18 AM

Please check this out

Adam_Minowski_1-1690287479199.png

SIEM configuration is refering directly to QRadar as QRadar was Extreme SIEM a time ago.

0 Kudos
GTM-P2G8KFN