AnsweredAssumed Answered

integration with QRadar - Q1Labs

Question asked by Max Max on Oct 24, 2013
Latest reply on Oct 29, 2013 by Max Max

Hi all,

 

I'm having some problem with the integration of Qualys with QRadar. The latter is actually receiving the logs from Qualys and it is creating the list of the Vulns in its asset, but I'm continuosly seeing offenses on QRadar almost empty, with just the IP address.

 

This is the log in QRadar:

 

<166>Oct 21 18:25:05 127.0.0.1 HostEventLogger-New Hosts | [Action] [Vis] [NewVuln]  ... ( vulns="", ports="", OS="unknown", IP="192.168.X.X" )

 

Any idea?

Outcomes