Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 1 subscriber
  • Views 1690 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos integration with Qradar not working

Abhijeet Nawale

Hello All,

I am trying to export all data/events to SIEM i.e Qradar, however the event collector unable to pull data from Sophos somehow. I tried with following configuration in Qradar:

Log Source Type:              Sophos Enterprise Console

Protocol Type:                  Sophos Enterprise Console JDBC

Log Source Identifier:      SOPHOS552

Database Type:                 MSDE

Database Name:              SOPHOS552

IP or Hostname:               x.x.x.x

Port:                                    1168

Username:                         xyz

Table Name:                      vEventsCommonData

Select List:                         *

Compare Field:                 InsertedAt

Do we need to configure anything at Sophos end? any suggestions ?



This thread was automatically locked due to age.
Unfiltered HTML