Logs are encrypted on Qradar server

Article Id: 169012

Status: Published

Updated On: 12-05-2018 15:30

Legacy Id: TECH245798

Products:

Advanced Secure Gateway Software - ASG , SG-300 , SG-S500 , SG-S400 , Secure Web Gateway Virtual Appliance , SG-S200 , ProxySG Software - SGOS , SWG VA-100

Issue/Introduction:

Unable to view custom access log on QRadar due to encrypted or zip log by default.

Cause:

The ProxySG initially compresses the log file into a gzip.

Resolution:

In Management console > Configuration > Access Logging > Logs > Upload Client; save log file as "text file" under Transmission Parameters.