Karl, I do not agree with your statement here ....
> Even if you choose a reinstall, an export and import using CMT or export and import of logsource, network etc. would be better than backup restore which is designed to overcome outages rather than migration scenarios.
9 times out of 10 it will be 'better' to migrate from one environment to another using Backup/Restore than it would be to use CMT or to use other import/export options.
There are rare exceptions where CMT would be the preferred option - but that would usually be where you are trying to merge deployments rather than a straightforward migration.
Yes, there are some 'gotchas' with Backup/Restore - but these are usually quite easy to mitigate. CMT on the other hand can cause all sorts of issues with the resulting configuration - even if it looks like it worked OK.
pfh (IBM UK Security Technology Expert Labs - QRadar)
------------------------------
Paul Ford-Hutchinson
------------------------------
Original Message:
Sent: Mon June 16, 2025 09:27 AM
From: Karl Jaeger
Subject: Migration of QRadar from VMware VM Appliance to Hyper-V or Nutanix
Vydenis, the image approach Rory recommended is much bette than backup and restore. Keep in mind that this requires an 100% identical landscape of hosts which is not the case I guess. Moreover it's unnecessary when firing up the images in your ne environment. Even if you choose a reinstall, an export and import using CMT or export and import of logsource, network etc. would be better than backup restore which is designed to overcome outages rather than migration scenarios.
------------------------------
[Karl] [Jaeger] [#ibmchampion]
[QRadar Specialist]
Original Message:
Sent: Mon June 16, 2025 02:52 AM
From: Vydenis Kucinskas
Subject: Migration of QRadar from VMware VM Appliance to Hyper-V or Nutanix
Rory,
Maybe you could provide some more information about such scenario with disk images, how could it be done?
Because we have similar issue, but instead, we want to migrate from Hyper-V to ESXi.
I have read those instructions and instructions are clear but we was planning to migrate as per instructions with whole QRadar reinstallation and then backup and recovery.
Maybe then it is easier to do that with disk image, but then question how to convert disk image and with which tools from vhdx to vmdk quickly and without any fatal errors which in future can cause QRadar/VM instability? And then also question, how then minimize downtime?
BR
Vydenis
------------------------------
Vydenis Kucinskas
Original Message:
Sent: Fri June 13, 2025 08:31 AM
From: Rory Bray
Subject: Migration of QRadar from VMware VM Appliance to Hyper-V or Nutanix
There isn't a specific hypervisor-to-hypervisor migration guide. The closest you're going to get to an official procedure is the traditional hardware migration, and that is well documented. https://www.ibm.com/docs/en/qsip/7.4?topic=hardware-qradar-siem-migration-scenarios
The major difference in virtual is that you can use disk images in therefore you might be able to skip the backup and recovery method. You will have all the same caveats around changing IP addresses and so on. For example, if your console cannot retain the same IP address in the new environment, then you'll have to break up the deployment first.
------------------------------
Rory Bray
Security and Compliance Architect, Threat Management
IBM
Original Message:
Sent: Wed June 11, 2025 09:45 PM
From: 愛 中村
Subject: Migration of QRadar from VMware VM Appliance to Hyper-V or Nutanix
Hello,
We are currently running QRadar on a VMware virtual appliance. We are considering migrating it to either a Hyper-V or Nutanix environment. Is it possible to perform this migration using any official tools or supported methods?
If there are any documented procedures or case studies available, we would greatly appreciate it if you could share them.
Thank you in advance.
------------------------------
愛 中村
------------------------------