Troubleshooting
Problem
This article discusses how to determine the port used for QRadar Docker Apps.
Resolving The Problem
Determine the ports by using Docker
Use this command to get the IDs of the running Apps and feed them into the docker port command to see an output of the ports being used by each App:
docker ps -a --format "{{.ID}},{{.Image}}" | grep qapp | cut -d, -f1 | xargs -t -n1 docker port
Result
The command returns the ports. Example output:
docker port 073c50fdaddd
5000/tcp -> 0.0.0.0:25709
docker port e3eed31e1ff7
5000/tcp -> 0.0.0.0:9476
Alternatively, determine the ports by using the utility tools:
You can use the qapp_utils to get the App ID and Port in 7.2.8, 7.3.0 and 7.3.1 versions. To get the App ID and Port in 7.3.2 use the recon utility.
- In QRadar versions 7.3.2 and above run the command:
/opt/qradar/support/recon ps - In QRadar versions 7.3.0 and 7.3.1 run the command:
/opt/qradar/support/qapp_utils_730.py ps./ - In QRadar versions 7.2.8 run the command:
/opt/qradar/support/qapp_utils.py ps
Results
The command returns the ports. Example output:
Collecting app data......... Complete!
Id Name Container Container Image Container ip:port Host ip:port ABCDEFGHIJ
1051 Threat Intelligence c7310bec276f qregi...2-20181107191246 169.254.3.4:5000 192.168.0.30:31376 +-++++++++
1002 App Authorizatio... 5beffe147606 qregi...qapp/1002:1.0.13 169.254.3.6:5000 192.168.0.30:4669 ++++++++++
1001 QRadar Assistant 4c15fd5ea8d9 qregi.../qapp/1001:1.1.1 169.254.3.3:5000 192.168.0.30:25844 ++++++++++
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Component":"App Framework","Platform":[{"code":"PF016","label":"Linux"}],"Version":"7.2.8;7.3.0;7.3.1;7.3.2","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
24 May 2022
UID
ibm10738745