To view the events acquired in Nebula, install the Malwarebytes extension using the Extensions Management in IBM® QRadar®. Follow the instructions in Installing extensions by using Extensions Management and import one of the following Malwarebytes installer packages:
Designate one of your Malwarebytes Windows endpoints to forward syslog data to your Windows™ server. To configure the Malwarebytes Nebula syslog,
- Log in to Nebula and go to Settings > Syslog Logging.
- Follow the steps in the article Configure Syslog in Nebula platform. When configuring Syslog Communication Settings, enter your Windows server IP address for the IP Address/Host field.
If you are using Malwarebytes Breach Remediation, see the Event Logging to syslog section of the Malwarebytes Breach Remediation Windows Administrator Guide for configuration instructions.
Return to IBM QRadar and Nebula integration guide.