Use the TLS proxy for communication between IBM®
Disconnected Log Collector and IBM
QRadar®. Disconnected Log
Collector supports the basic
authentication method for proxy authentication.
About this task
In 1.8.5, when you install or upgrade your Disconnected Log
Collector, the
config.json file has a Proxy section that you can
configure.
Tip: If the proxy server connection is interrupted, the Disconnected Log
Collector automatically attempts to
re-establish the connection.
Procedure
- In the config.json file, review the Proxy
section
In the following example, the default settings are
configured.
"Proxy": {
"proxy.description":"Only applicable to destination types TLS, not applicable to destination.type: Kafka and UDP",
"proxy.enabled":"false",
"proxy.ip":"",
"proxy.port":"",
"proxy.username":"",
"proxy.password":""
}
- To enable the proxy, change the value for the proxy.enabled
parameter to
true
.
- For the proxy.ip parameter, enter the IP address of the proxy
server.
The value can be either an IP address or a fully qualified domain name
(FQDN).
- For the proxy.port parameter, enter the port that the proxy server
can receive connections on.
- Enter the proxy.username that you configured on the proxy
server.
- Enter the encrypted proxy.password that you configured on the proxy
server.
To encrypt the proxy password, complete the following steps:
- Run the following script:
/opt/ibm/si/services/dlc/current/script/encrypt.sh
- You are prompted to enter and re-enter the proxy password in plain
text.
- Copy the encrypted password that is displayed.
What to do next
Note: Connection issues are logged in
/var/log/dlc/dlc.error.