Uploading the Jamf Security Cloud CEF Log File Extension for IBM QRadar

Jamf Protect Documentation
Solution
Application
Content Type
Technical Documentation
Utilities & Services
ft:locale
en-US

  1. Log in to your QRadar instance with console administrative access and select the Admin tab.
  2. In the Data Sources section, select Log Source Extensions.
  3. Click Add to add the UniversalCEF_ext Jamf Security Cloud log source extension.
  4. Enter Jamf Security Log Source in the Name field, and enter a Description (optional).
  5. Do the following to complete the Upload Extension field:
    1. Download and save this file to a local drive

      (device_extension.UniversalCEF_ext.1537804916710.xml)

    2. Upload the saved file in this field.
  6. Open the Add a Log Source Extension window.
  7. Select "Universal CEF" in the Available box and move it to the Set to default for box.
  8. Click Save.