Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
We are currently facing challenges in configuring the transmission of consolidated event logs to QRadar using syslog push. Despite entering the correct details for the syslog push, we continually encounter errors.
Here is a summary of our current set...
Hello,
what if ESA is registered to SMA with the Data Int IP? If I change that data IP on ESA, I will ofc change it on SMA too. Is it needed to suspend listeners? What about old messages in the quarantine? Will they find a new way if we release them?...
