Technical Articles
F5 SMEs share good practice.
Showing results for 
Search instead for 
Did you mean: 
Custom Alert Banner
F5 Employee
F5 Employee

Along with the likes of Splunk and DataDog, we can add another SIEM vendor in the Distributed Cloud (XC) external logging line up. QRadar has its own native integration drop-down from the Global Log Receiver menu. 

glr q.png


We know Distributed Cloud’s innate security and performance dashboards are rich with data. Even still, many customers prefer to use their existing SIEM environment to ingest the security events generated from Distributed Cloud. In support of this, a custom F5 XC specific content pack was created to hasten the ease of use within QRadar itself. The content pack consists of a zip file which contains what IBM calls a DSM (Device Support Module) which collects, maps and parses the security events in JSON format. The F5 XC content pack covers both security and access logs.

The content pack is discoverable on IBM’s X-Force App Exchange under F5 Distributed Cloud. 

QRadar is able to collect events forwarded via HTTP or HTTPs. For a deeper technical walkthrough please see the video I’ve created. 


Version history
Last update:
‎06-Oct-2023 14:43
Updated by: