I am using QRadar 7.3.3. I had installed a security content pack extension which has custom rules, reference data sets, searches, reports, etc. While uninstalling it I had chosen 'Remove/Revert all' option and expected that it will completely remove all the objects i.e reference sets, custom rules etc.
But even after uninstallation I could see that the rules etc are still present and it is just got disabled rather than completely removing it.
I searched for any backend command line options to remove those but I could find only for reference data an option to remove from the command line.
Removing it via UI takes more time and involves manual activity. Is there any automated way to completely remove the content pack extension?
Thanks.
------------------------------
Chuan Liu
------------------------------