Logs are encrypted on Qradar server

book

Article ID: 169012

calendar_today

Updated On:

Products

Advanced Secure Gateway Software - ASG SG-300 SG-S500 SG-S400 Secure Web Gateway Virtual Appliance SG-S200 ProxySG Software - SGOS SWG VA-100

Issue/Introduction

 Unable to view custom access log on QRadar due to encrypted or zip log by default. 
 

Cause

The ProxySG initially compresses the log file into a gzip.

Resolution

In Management console > Configuration > Access Logging > Logs > Upload Client; save log file as "text file" under Transmission Parameters.