Reset Search



Siem: How to Gather Logs From a Siem using

« Go Back


TitleSiem: How to Gather Logs From a Siem using
  • How to gather logs from a Dragon Siem implementation.
  • Siem v7.x
  • The command is:  /opt/qradar/support/
  • If there is a C1 issue with a failed upgrade or install, you can add the -s argument to obtain all the setup files:  /opt/qradar/support/support/ -s
  • The command is run on the Siem console machine in most cases.
  • Also, prior to running, it is more efficient to duplicate the issue and note the timestamp the issue was reproduced, then immediately run the  When sending the get_logs file, please send us this timestamp.  This allows us to isolate the timeframe of when the issue occurred within the log files more efficiently.
The utility will then run for a few minutes gathering all the logs and making one archive file with all the logs within.  When the command completes it will then display the full path to this generated archive file on the Siem machine, which can be sent to support for analysis.

The size of this file may by too large to send to us via email.  The Extreme Networks secure upload utility may need to be used to upload the file.
Additional notes



Was this article helpful?



Please tell us how we can make this article more useful.

Characters Remaining: 255