i have been working on my research about how effective IBM Qradar SIEM tools to protect private cloud against APT attack. I use Nextcloud as my private test cloud, that have been installed on ubuntu server. i want to ask about how to integrate Nextcloud with IBM Qradar, so Qradar can receive logs from Nextcloud and can parse the event.
Asked
Active
Viewed 119 times
1 Answers
0
Nextcloud uses JSON and SIEM solutions can parse JSON by using regex. Here an example.
Regex for parsing single key: values out of JSON in Javascript
