Hey everyone.
I'll explain the architecture.
We work with QRadar SIEM on prem. EP at 10.10.10.7. Console at 10.10.10.11 (random IP because I'm scared of y'all).
There is a Rapid7 InsightVM console (192.168.100.20) and a Rapid7 scan engine (where the scan is performed - 10.11.11.11).
There is an event aggregator in between (192.168.168.16). Logs come into this aggregator first before being sent to Qr.
So I need to integrate those InsightVM logs (like CVE IDs, affected devices, scan time, etc., the basic ones from R7) into QRadar so that the analysts can search using the Log Activity tab.
Can someone who knows Rapid7 or QRadar or both assist me with what I should do? Step by step.
I might lose my job if I don't implement this ASAP. And I'm in desperate need of help!!!
I am very new to QRadar (I only worked with Splunk and Sentinel and I love those. Not QRadar, btw).
Help.
submitted by /u/penishaversigma

