Supported Types
Configuration Table
| Parameter | Default | |
|---|
| Field to Send | Body | Whether to send a Body or Attribute field to QRadar. |
| Body Field | | When Field to Send is Body, this is the body field that will be sent. If empty, all Body fields are sent to QRadar. |
| Attribute Field | | When Field to Send is Attribute, this is the attribute field that will be sent. If empty, all Attribute fields are sent to QRadar. |
| QRadar Endpoint | | The QRadar endpoint to send logs to. |
| Transport Protocol | tcp | the transport protocol to use. Must be one of tcp or udp. |
Supported Retry and Queuing Settings
This destination supports the following retry and queuing settings:
| Sending Queue | Persistent Queue | Retry on Failure |
|---|
| ✓ | ✓ | ✓ |
