Effective August 18, 2023, the integration between IBM QRadar and Nebula has reached its End of Maintenance (EOM). While the integration remains available for use, we would like to inform you that it will no longer receive updates. We encourage you to exercise caution when using this integration, as any use will be at your own risk. We are committed to providing ongoing support for common product usage questions and access to our online articles.
To view the events acquired in Nebula, install the Malwarebytes extension using the Extensions Management in IBM® QRadar®. Follow the instructions in Installing extensions by using Extensions Management and import one of the following Malwarebytes installer packages:
Designate one of your Malwarebytes Windows endpoints to forward syslog data to your Windows™ server. To configure the Malwarebytes Nebula syslog,
- Log in to Nebula and go to Configure > Syslog Logging.
- Follow the steps in the article Configure Syslog in Nebula platform. When configuring Syslog Communication Settings, enter your Windows server IP address for the IP Address/Host field.
If you are using Malwarebytes Breach Remediation, see the Event Logging to syslog section of the Malwarebytes Breach Remediation Windows Administrator Guide for configuration instructions.
Return to IBM QRadar and Nebula integration guide.