OpenVPN (OPNSense) and DNSMASQ (Pi-Hole) DSM

I have created 2 new DSMs (OpenVPN and DNSMASQ (Pi-Hole)) that are available on GitHub with instructions on how to utilize them with QRadar. They are currently running in my home lab environment without issues and I wanted to share them incase anybody else is running similar applications/services and they want to utilize them with QRadar. I utilize both OPNSense (OpenVPN Server) and Pi-Hole (DNSMASQ Server) that will send the logs to QRadar.

**Note:** They are a WIP project, but I believe I have mapped all the events that they send to QRadar.

**DNSMASQ (Pi-Hole):**

**OpenVPN (OPNSense):**

If you have any additional questions let me know below or you can create an issue on the GitHub repositories and I will review them as I get free time. As always thanks for the IBM team and all that they do to support QRadar!


Leave a Reply