I need to parse the Mendix console logs in order to create a file that I can send to an external tool, QRadar. (QRadar consolidates and analyzes log events from various devices and applications distributed throughout a network. QRadar requires log entries to be in either LEEF or CEF format.) We are interested in capturing login information for our Mendix application and providing this information to QRadar. The information we need to capture is the type of login, the username of the person attempting to login, success or failure of the login attempt, source IP address and a timestamp. I have found the information in various log sources in the Mendix console. The Connector, LDAP, WebUI, Core and KerberosSSO nodes all contain parts of the information we need. Is there somewhere else that this information can be found? Are there any settings that would enable us to consolidate the information to make it easier to extract the required information from the log files? Thanks for any insight.
Have you tried the logging module from the app store? You could modify or extend so it will integrate with QRadar in the way you would like
It may not complete live up to the specifications you have set but did you take a look at the logging module from the app store? Maybe you can modify or extend so it will integrate with QRadar in the way you would like.