Effective August 18, 2023, the integration between IBM QRadar and Nebula has reached its End of Maintenance (EOM). While the integration remains available for use, we would like to inform you that it will no longer receive updates. We encourage you to exercise caution when using this integration, as any use will be at your own risk. We are committed to providing ongoing support for common product usage questions and access to our online articles.
To receive Malwarebytes event logs in the IBM® QRadar® console, create a log source for events to populate in the Log Activity section. Follow these steps to configure a dedicated log source in IBM QRadar.
- From your QRadar console, click the Admin tab.
- In the Data Sources section, click Log Sources.
- Click Add.
- Complete the required fields:
- Log Source Name: Enter a name for the log source.
- Log Source Description: Enter a description for the log source.
-
Log Source Type: Click the dropdown menu and select the Malwarebytes product name that matches the installed package you imported Install and configure Nebula extension in IBM Qradar.
- Malwarebytes Cloud Remediation
- Malwarebytes Breach Remediation
- Log Source Extension: Select same as "Log Source Type" in this drop down.
- Log Source Identifier: The Log Source Identifier must be the public IP address of the syslog forwarding endpoint configured in Nebula.
- Click Save.
Return to IBM QRadar and Nebula integration guide.