Logs are encrypted on Qradar server
book
Article ID: 169012
calendar_today
Updated On:
Products
Advanced Secure Gateway Software - ASG
SG-300
SG-S500
SG-S400
Secure Web Gateway Virtual Appliance
SG-S200
ProxySG Software - SGOS
SWG VA-100
Issue/Introduction
Unable to view custom access log on QRadar due to encrypted or zip log by default.
Cause
The ProxySG initially compresses the log file into a gzip.
Resolution
In Management console > Configuration > Access Logging > Logs > Upload Client; save log file as "text file" under Transmission Parameters.
Feedback
thumb_up
Yes
thumb_down
No