Requesting log bundles and performance scripts

Log bundles are a group of compressed logs that contain details specific to your IBM® QRadar® deployment. This information includes hostnames, IP addresses, and email addresses. You can also include application and performance logs from all applications on your QRadar Console in your log bundle.

About this task

Use the QRadar on Cloud Self Serve app to request log bundles for your QRadar on Cloud instance. If requested by Customer Support, you can include log bundles in your support tickets. Only one log bundle request can be made at a time.

Procedure

  1. Open the Admin settings, and click QRadar on Cloud Self Serve.
  2. Click Log Bundles.
  3. To request a new log bundle, complete the following steps:
    1. In the Log Bundles section, click Request New Log Bundle.
    2. Optional: To include application extension logs in the log bundle, select the Include App Logs checkbox.
    3. Click Submit.
  4. To request a new performance script, complete the following steps:
    1. In the Performance Scripts section, click Request New Performance Script.
    2. In the Script Performance Details window, select the preferred Script Name and Target host.
    3. Click Submit.
    Important: For optimal performance script execution, run the bundles sequentially and request the next one upon completion.

Results

New rows are created in the respective sections (Log Bundles and Performance Scripts), and the status changes from PROCESSING to COMPLETED.