Message Image

Log in

Skip to main content (Press Enter).

Skip auxiliary navigation (Press Enter).

IBM Security Join our 16,000+ members as we work together to overcome the toughest challenges of cybersecurity. Join the Community

Skip main navigation (Press Enter).

IBM Security QRadar

View Only

QRIF Benchmarking - Supporting Cold vs. Warm Time Range Searches

By DOGA TAV posted Wed March 22, 2023 11:52 AM

Like

Note: The work presented in this blog is protected by the following patent(s): "US-11290432-B2 -Secure data transfer architecture for benchmarking"

Summary

After adding 1 min, 5 min, 15 min, 30 min searches to the set. We want to take one step further, currently, in our ForensicsBenchmarker, the time range searches gets executed in the beginning of the shard. We want to extend our Forensicsbenchmarker to execute the same set of searches at the end of the shard as well. Since, the end of the shard will change over time as we push more data to the shard, our aim is to get a clearer picture of warm vs. cold cache search performance. Unlike Ariel, in Solr one just can not execute "last 5 min" search, need to be more exact for the time range. Thus, before running every set, we make sure to issue a query the start time first to be uniformly used with the rest of the searches.

Description

0 comments

8 views

Permalink

Powered by Higher Logic