Authenticated Proxy for X-Force in QRadar

Author(s): László Czap, Péter Tusnády | Created: 19 June 2024 | Last modified: 19 June 2024
Tested on: -

Authenticated Proxy for X-Force in QRadar

When you want to enable X-Force updates through a proxy that requires basic authentication you need to follow the steps from this tech note:

If you are lucky, it works and you don't even notice that actually some calls are made to the QRadar Console from the QRadar Console through the proxy. Weird. If your proxy is more picky - as it was in our case, it does not allow this connection and you see that the feed update does not work. You must change two more config files to avoid this. Edit the files:


Both files contain URLs with "localhost" or the console's own IP address. Change these to point to the actual X-Force update and license servers respectively, which are:


The log files you want to check to see if X-Force updates work fine are: