Logs are encrypted on Qradar server

Article Id: 169012

Status: Published

Updated On: 12-05-2018 15:30

Legacy Id: TECH245798

Products:

Advanced Secure Gateway Software - ASG SG-300 SG-S500 SG-S400 Secure Web Gateway Virtual Appliance SG-S200 ProxySG Software - SGOS SWG VA-100

Issue/Introduction:

Unable to view custom access log on QRadar due to encrypted or zip log by default.

Cause:

The ProxySG initially compresses the log file into a gzip.

Resolution:

In Management console > Configuration > Access Logging > Logs > Upload Client; save log file as "text file" under Transmission Parameters.