To date, there has been no publicly-available tool, IBM or otherwise derived, to effectively extract / convert data from IBM's proprietary QRadar database (Ariel) into any other format with data suitable for use outside of the QRadar platform.

I'm pleased to announce that such a tool has been make available and is published at GitHub - PaloAltoNetworks/Qradar-Ariel-Data-Export: Extract & Convert QRadar Ariel Event Data to JSON Formatted Files

GitHub		remove preview
GitHub - PaloAltoNetworks/Qradar-Ariel-Data-Export: Extract & Convert QRadar Ariel Event Data to JSON Formatted Files Extract & Convert QRadar Ariel Event Data to JSON Formatted Files - PaloAltoNetworks/Qradar-Ariel-Data-Export View this on GitHub >

I hope that folks find it useful. There will be updates to the tool over time.

-Paul

Dear Paul,
Thank you for developing and publishing this tool. I would like to know if there are any plans to include functionality that allows converting JSON-formatted data back into the IBM proprietary format in the future.
Additionally, will it be possible to perform this conversion for selective log sources in the future?
Thank you for your time and support.
Best,

Amit

To date, there has been no publicly-available tool, IBM or otherwise derived, to effectively extract / convert data from IBM's proprietary QRadar database (Ariel) into any other format with data suitable for use outside of the QRadar platform.

I'm pleased to announce that such a tool has been make available and is published at GitHub - PaloAltoNetworks/Qradar-Ariel-Data-Export: Extract & Convert QRadar Ariel Event Data to JSON Formatted Files

GitHub		remove preview
GitHub - PaloAltoNetworks/Qradar-Ariel-Data-Export: Extract & Convert QRadar Ariel Event Data to JSON Formatted Files Extract & Convert QRadar Ariel Event Data to JSON Formatted Files - PaloAltoNetworks/Qradar-Ariel-Data-Export View this on GitHub >

I hope that folks find it useful. There will be updates to the tool over time.

-Paul