QRadar
Supported Types
Metrics
Logs
Traces
✓
Configuration Table
Parameter
Default
Description
Field to Send
Body
Whether to send a Body or Attribute field to QRadar.
Body Field
When Field to Send is Body, this is the body field that will be sent. If empty, all Body fields are sent to QRadar.
Attribute Field
When Field to Send is Attribute, this is the attribute field that will be sent. If empty, all Attribute fields are sent to QRadar.
QRadar Endpoint
The QRadar endpoint to send logs to.
Transport Protocol
tcp
the transport protocol to use. Must be one of tcp or udp.
*required field
Supported Retry and Queuing Settings
This destination supports the following retry and queuing settings:
Sending Queue
Persistent Queue
Retry on Failure
✓
✓
✓
Last updated
Was this helpful?