IBM Security QRadar

Fantastic Dashboard Capabilities - QRadar Pulse 2.4

By SHANE LUNDY posted Thu July 02, 2020 07:11 AM

  

Hi Everyone

Let me start and ask these simple questions:

- Do you need to show off your QRadar investment to your CISO?
- Do you need a tool to help investigate threats in your environment?
- Do you need your SOC (Security Operations Centre) big screens highlighting important information to your Analysts?
- Or maybe you are a MSSP that needs to simply build some dashboards that your customers can login and view?

These are just some simple use cases that QRadar Pulse offers to its users. Especially with the new version (Pulse 2.4 on AppExchange ) just released last week. We have really brought a nice and easy workflow for building these dashboards from scratch, downloading pre-build, copying or editing existing and additionally sharing dashboards with other users in the team. 


So what are the highlights that the Pulse Dashboards offer. 

1. Lots of modern widgets and flexibility. Dashboards widgets items like you'd expect like tables, pie charts, bar charts and some new widget types like scatter charts, globe or geo charts, large number, trending charts, etc.
2. Ability to define Parameters. Need to have a parameter added across all your dashboards its now very easy to add a parameter of your choice and have it propagate across all your widgets that you have built making it easy to build a set of dashboards to help with your investigations.
3. Need to visualise data from an API. With the new functionality you can easily query an API and pull that data into Pulse to visualise.
4. Share dashboards with your team, single click link share to pass a dashboard over to a team member or CISO if needed. 
5. Easily import or export dashboards if needed. Plenty of dashboards available on the IBM Security App exchange provided as part of our content packs, like this content pack for example here. Or additionally some sample dashboards can be found here.
6. Need a dashboard that never logs out for the SOC wall or just need to pin a dashboard to an extra monitor every morning that you login.
7. Access the global views inside QRadar for performant searches over a long period of time
8. Ability to drill down from a dashboard to a QRadar screen or workflow, need to drill down to another dashboard or maybe you need to open an external page.

I've really only highlighted a subset of the great features inside Pulse. It's time to try it out now for yourself!!! 

Watch some of these great videos that Jose Bravo has put together on Pulse to get you started or maybe you just want to learn a little more on some of the new features inside Pulse. 

Pulse

Pulse 2.4 New Workflow Part One (June 2020) Click here
Pulse 2.4 New Workflow Part Two (June 2020) Click here
Pulse 2.4 Making API calls from Pulse, Part 1 (June 2020) Click here
Pulse 2.4 Making API calls from Pulse, Part 2 (June 2020) Click here
Great Searches Pulse Dashboards with input parameters (March 2020) Click here
Building our first Pulse Dashboard with input parameters (March 2020) Click here
Finishing the first Example and invitation to share (March 2020) Click here
Exporting a Pulse Dashboard as a JSON file (March 2020) Click here
Adding dashboards to QRadar's Pulse (Feb 2020) Click here
How to cheaply do expensive searches in Pulse GlobalViews (April 2020) Click here
GlobalViews from existing accumulators (April 2020) Click here
Building an AQL Search in flows (April 2020) Click here
Building an AQL Search in logs (events) (April 2020) Click here
Userids for Pulse and Sharing Dashboards (April 2020) Click here
Using Geo Location in Pulse (April 2020) Click here                   

and remember some sample dashboards to start your journey, click here

STAY TUNED FOR MORE GREAT FEATURES FROM THE PULSE TEAM.

Thanks for reading....
0 comments
21 views

Permalink