Verifying your QRadar configuration

After the installation of the Delinea Add-on for QRadar is complete, QRadar should be parsing and indexing the new Delinea audit trail events.

To validate your installation:

  1. Generate some Delinea audit trail events into a Delinea managed member server.

    For example, log in to the server to generate an authentication event. You should be able to access the generated events from the QRadar Console system.

  2. Log in to the QRadar Console and click the Log Activity tab.

    You should see different Delinea audit events that QRadar parsed.

    alt

    When you click a specific event to open the detailed view, it should show various Delinea-specific fields as shown in the following example:

    alt