I am looking for documentation, examples and other prior art for integrating Ranger logs with IBM QRadar. Our Security team uses QRadar for log filtering and monitoring and requires we send our audit logs to a QRadar event hub for audits.
Hi We don't have any specific documentation, But the ranger audit logs will be stored in solr, If possible you can query the audits using solr and you can make an integration from solr to IBM QRadar
@wjsandman, Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future.
Just saw this reply... not alot of direction, but better than nothing. I'll have a look and reply.
Sure, will wait for your response. Thanks @wjsandman.