Introducing G2.ai, the future of software buying.Try now
Akash K.
AK
Associate Consultant (Cyber Security) at Capgemini | SIEM | SOC | IBM Qradar | CHFI | SecOps

How to integrate SAP logs to IBM Qradar, is there's another custom way to get SAP logs

We want to inegrate our SEIM tool with SAP but everything I am seeing states I need to either purchase ETD or another third party solution. I was wondering if anyone knows af the logs can be sent to QRadar without this and if so do you know of a link for implementing this type of solution.
1 comment
Looks like you’re not logged in.
Users need to be logged in to answer questions
Log In
IBM QRadar SIEM
Official Response
IBM QRadar SIEM
Jeremy G.
JG
Product Marketing at SentinelOne
0
Hi Akash - the native QRadar and SAP integration is primarily with SAP Enterprise Threat Detection and Enterprise Threat Monitor. There are some alternative approaches, such as pushing the SAP logs as a flat file, and creating a Device Support Module (DSM) to parse the flat file. Here's a thread in the IBM Security Community which discusses this topic https://community.ibm.com/community/user/security/communities/community-home/digestviewer/viewthread?GroupId=2497&;MessageKey=95fff4a8-2a0c-43a7-9839-250d632d9efa&CommunityKey=f9ea5420-0984-4345-ba7a-d93b4e2d4864&tab=digestviewer&ReturnUrl=%2Fcommunity%2Fuser%2Fsecurity%2Fcommunities%2Fcommunity-home%2Fdigestviewer%3FCommunityKey%3Df9ea5420-0984-4345-ba7a-d93b4e2d4864
Looks like you’re not logged in.
Users need to be logged in to write comments
Log In
Reply