Solved: Re: How do I consume Enterprise Manager audit logs... - Qlik Community

Ewan · ‎2022-04-07

Hi there

We use a SIEM and we need to ingest the AEM auditlog files. How do we convert them from the default compressed format?

Thank you

Ewan

Albert_Candelario · ‎2022-04-12

Hello @Ewan ,

Thanks for posting, but I am afraid you might have not posted on the right forum.

Would you be so kind to post the question on- Qlik Enterprise Manager Discussions | Qlik Community

Thanks in advance.

Cheers,

Albert

Please, remember to mark the thread as solved once getting the correct answer

View solution in original post

Ewan · ‎2022-04-13

Thank you. I didn't see that the Security and Governance tag redirected me to Qlik Sense.

Qlik Support answered the question for me anyway. There is no way to directly process the audit files. You would need to use the API.

Regards, Ewan

View solution in original post

rohitk1609 · ‎2022-04-07

Qlik Save logs in text file and qvds. try text files first, if doesn't work, load the qvd in app and save it in csv or xlx format which is suitable for SIEM.

Ewan · ‎2022-04-08

Hi there - thank you for the suggestoin.

This is the Qlik Replicate suite - not the dashboards. So I don't think this is qvd format, and it's not raw text. I could go into the GUI every day and export the logs to text manually. But that is not a sustainable solution. I was hoping there was some way of ingesting the files directly.

Albert_Candelario · ‎2022-04-12