Qualys FIM for QRadar7.3.3 FP6+/7.4.1 FP2+/7.4.2GA+
Release v1.1.0
Date: December 01, 2021
The File Integrity Monitoring (FIM) application is the cloud solution designed by Qualys to detect integrity violations and alert them to critical system files and registry objects.
Using Qualys FIM for QRadar, you can:
- Fetch the FIM events, ignored events, and FIM incidents from Qualys to ingest into QRadar.
- Search the ingested data in QRadar using the Log Activity tab or use the Dashboard with different widgets to view the data.
Prerequisites
The following are the prerequisites for getting started with FIM for Qualys QRadar:
- A valid Qualys subscription.
- API access to Qualys FIM module.
- Internet access and reachable Qualys API server from QRadar.
This application is compatible with these versions only - QRadar 7.3.3 FP6, 7.4.1 FP2, 7.4.2GA+
Get started with the FIM for QRadar
Following are the steps to get started with FIM for QRadar:
- Go to QRadar's Log Activity tab or the application Dashboard to view the data.
- Install application.
- Validate dependencies.
- Configure the application.
After configuration, schedule the sync. The Qualys FIM Application continuously pulls your event delta.
To check for helpful information, you can visualize historical data using date-time pickers in QRadar's Activity log or application Dashboard.