Support

Support for business applications

Kaspersky CyberTrace

Installation and integration guides

Part 2: Integrating Kaspersky CyberTrace with an event source

Integration with QRadar

Alternative integration (QRadar)

Integration with QRadar when QRadar cannot get updates
Kaspersky CyberTrace
Нет результатов
Online Help
FAQ System requirements Download Contact support Recovery tools Product videos

Integration with QRadar when QRadar cannot get updates

April 11, 2024

ID 167589

If it is not possible to get the latest QRadar updates, use the configuration procedure below.

To use QRadar with Kaspersky CyberTrace Service if QRadar cannot be updated:

  1. Import new QRadar identifiers to QRadar.
  2. Add Kaspersky CyberTrace Service as a log source for QRadar.
  3. Map Kaspersky CyberTrace Service events to QRadar identifiers.
  4. Specify the log source type.
  5. Perform the verification test.
  6. (optional) Perform all steps from the following instructions: Configure QRadar to display custom fields of events.
  7. (optional) Perform all steps from the following instructions: Configure QRadar to display events in a dashboard.

After you have successfully integrated Kaspersky CyberTrace with QRadar, install Kaspersky CyberTrace App for QRadar.

In this section

Importing QIDs to QRadar

Adding Kaspersky CyberTrace Service as a log source

Mapping events to QIDs

Specifying the log source type

Did you find this article helpful?
What can we do better?
Thank you for your feedback! You're helping us improve.
Thank you for your feedback! You're helping us improve.