Case Studies

Logging it all: Integrating Security Monitoring with IBM QRADAR and AWS Cloud

We were asked by our client to develop a cloud strategy to change the way their current “security log collectors” worked. There were multiple log collectors located across the client’s existing data centers and they wanted to consolidate the collection of log files stored and sent to QRadar.

The collector node would securely communicate to an Amazon Web Services (“AWS”) S3 bucket for processing and filtering. It would then communicate the QRADAR security information and event management system (“SIEM”) for processing and analysis by our client. The S3 logs would also be archived and compressed on a schedule basis for future retrieval.

Leave a Reply

Your email address will not be published. Required fields are marked *