IBM Security QRadar

Welcome to the IBM Security QRadar online user group! As a participant, connect with QRadar subject matter experts and get answers to your biggest concerns on detecting and stopping advanced threats, insider threats, compliance and your cloud strategy. Also, share ideas, benchmarks, best practices and lessons learned with other QRadar users.

Stay up-to-date on what’s new with QRadar, including upcoming local user group meetings, demo webinars and feature releases. You can also expand your QRadar knowledge and technical expertise with our community blogs, forums, demos, videos and other learning materials.

We encourage you to take full advantage of the resources available in this QRadar user community. Please contact Community Managers Connor Costello or Jennifer Tullman-Botzer with any questions.

Search Group

Latest Posts

  • Profile Picture

    RE: EPS query finetune

    ​... Looking at this a different way and using the above as a start, here's a specific domain for a week across all the log sources: SELECT LOGSOURCENAME(logsourceid) AS 'Log Source', SUM(eventcount)/(7*(24*3600)) AS EPS, DOMAINNAME(domaindid) FROM ...

  • To help out, is the QRadar setup you have a single AIO? an HA-pair AIO? or distributed with data nodes? Is this an appliance on bare-metal or a VM? Each has slightly different backup and recovery approaches. ------------------------------ Darren H. ...

  • Profile Picture

    RE: Asset List

    Without sound like IBM support, it may be easier if you share what logs you have (anonymised) and a sample asset list (and how you're building the asset list from the logs). Also what Version of QRadar and at the far end, what DHCP services you're using. ...

Upcoming Events


Latest Articles

  • After receiving a veritable tidal wave of 2019 year in review emails from other vendors, I figured I'd contribute to the conversation by putting together a list of what I consider to be the essential apps and extensions for QRadar to prepare for 2020. ...

    4 people recommend this.
  • Containers are changing the way of how software’s are built and delivered, build it once and run it anywhere, onsite, or on the cloud. IBM Security QRadar is capable of ingesting and detecting security threats in Kubernetes deployments, onsite, and ...

    1 person recommends this.
  • I work as a cybersecurity consultant and have deployed IBM QRadar for major banks and other institutions in Scandinavia. Some companies prefer to have QRadar SIEM-as-a-service, while others want an on-premises solution. I stumbled upon an interesting ...

Latest Files

Community Members
1631 Members
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin