Support Questions
Find answers, ask questions, and share your expertise

Is any documentation available for sending Ranger logs to IBM QRadar?

Explorer

I am looking for documentation, examples and other prior art for integrating Ranger logs with IBM QRadar. Our Security team uses QRadar for log filtering and monitoring and requires we send our audit logs to a QRadar event hub for audits. 

 

4 REPLIES 4

Cloudera Employee

Hi We don't have any specific documentation, But the ranger audit logs will be stored in solr, If possible you can query the audits using solr and you can make an integration from solr to IBM QRadar

Community Manager

@wjsandman, Has the reply helped resolve your issue? If so, please mark the appropriate reply as the solution, as it will make it easier for others to find the answer in the future.


Regards,

Vidya Sargur,
Community Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community:

Explorer

Just saw this reply... not alot of direction, but better than nothing. I'll have a look and reply.

 

Community Manager

Sure, will wait for your response. Thanks @wjsandman


Regards,

Vidya Sargur,
Community Manager

Was your question answered? Make sure to mark the answer as the accepted solution.
If you find a reply useful, say thanks by clicking on the thumbs up button.

Learn more about the Cloudera Community: