When configuring a log source, which protocols are used when receiving data into the event ingress component?

When configuring a log source, which protocols are used when receiving data into the event ingress component?
A . SFTR HTTP Receiver, SNMP
B . Syslog, HTTP Receiver, SNMP
C . Syslog, FTP Receiver, SNMP
D . Syslog, HTTP Receiver, JDBC

View Answer

Answer: B

Explanation:

When configuring a log source in IBM QRadar SIEM V7.5, the protocols used to receive data into the event ingress component are critical for ensuring proper data collection and analysis.

The main protocols that are supported for this purpose are:

Syslog: A widely used protocol for message logging, supported by many network devices and servers.

HTTP Receiver: Allows QRadar to receive logs via HTTP POST requests, enabling integration with various web services and applications.

SNMP (Simple Network Management Protocol): Used for collecting and organizing information about managed devices on IP networks and for modifying that information to change device behavior.

Reference

IBM QRadar SIEM documentation and product guides confirm that these are the supported protocols for receiving data into the event ingress component. The specific details on protocol support can be found in the QRadar SIEM administration and configuration manuals.