Associate Consultant (Cyber Security) at Capgemini | SIEM | SOC | IBM Qradar | CHFI | SecOps
How to integrate SAP logs to IBM Qradar, is there's another custom way to get SAP logs
We want to inegrate our SEIM tool with SAP but everything I am seeing states I need to either purchase ETD or another third party solution. I was wondering if anyone knows af the logs can be sent to QRadar without this and if so do you know of a link for implementing this type of solution.
Hi Akash - the native QRadar and SAP integration is primarily with SAP Enterprise Threat Detection and Enterprise Threat Monitor. There are some alternative approaches, such as pushing the SAP logs as a flat file, and creating a Device Support Module (DSM) to parse the flat file. Here's a thread in the IBM Security Community which discusses this topic https://community.ibm.com/community/user/security/communities/community-home/digestviewer/viewthread?GroupId=2497&;MessageKey=95fff4a8-2a0c-43a7-9839-250d632d9efa&CommunityKey=f9ea5420-0984-4345-ba7a-d93b4e2d4864&tab=digestviewer&ReturnUrl=%2Fcommunity%2Fuser%2Fsecurity%2Fcommunities%2Fcommunity-home%2Fdigestviewer%3FCommunityKey%3Df9ea5420-0984-4345-ba7a-d93b4e2d4864
With over 3 million reviews, we can provide the specific details that help you make an informed software buying decision for your business. Finding the right product is important, let us help.