Event collection

Log Collection

PUSH METHOD [Log sources generate the logs and send them to QRadar] - For example, Syslog

PULL METHOD [Log sources generate the logs but don't send them to QRadar, it is stored locally.QRadar needs to connect to the server and collect the information] - For example, Collecting logs from Windows servers

images/12-1

images/12-2

Examples:

images/12-3
images/12-4
images/12-5
images/12-6
images/12-7
images/12-8
PreviousData collection overviewNextFlow collection

Last updated

Was this helpful?