PAM integration with IBM QRadar
search cancel

PAM integration with IBM QRadar


Article ID: 189204


Updated On:


CA Privileged Access Manager (PAM)


Can PAM be integrated with IBM QRadar?


Product: Layer 7 Privileged Access Management.
Release: 3.x


Unfortunately PAM does not have an 'Out of the Box' integration with IBM QRadar. The SIEM (Security Information and Event Management) integration that we have is with Splunk.  

Nonetheless, just like Splunk, QRadar can also receive syslog events.
This would allow us to send the syslog events generated in the PAM Server to the QRadar computer. 
As per the following IBM document, it looks like QRadar uses port# 514:

Verifying that QRadar receives syslog events

In order to set the proper syslog events redirection, open the PAM Client and go to 'Configuration / Logs / Syslog

Here you can enable the redirection of the syslog event to a specified server and port.

Additional Information

If you want official integration in IBM Qradar - than please open an idea (enhancement) in our Symantec Privileged Access Management Community