QRadar

Welcome to the QRadar online user group! As a participant, connect with QRadar subject matter experts and get answers to your biggest concerns on detecting and stopping advanced threats, insider threats, compliance and your cloud strategy. Also, share ideas, benchmarks, best practices and lessons learned with other QRadar users.

Stay up-to-date on what’s new with QRadar, including upcoming local user group meetings, demo webinars and feature releases. You can also expand your QRadar knowledge and technical expertise with our community blogs, forums, demos, videos and other learning materials.

We encourage you to take full advantage of the resources available in this QRadar user community. Please contact Community Managers Jennifer Tullman-Botzer and Wendy Batten with any questions.

Search Group

Latest Posts

  • Profile Picture

    LLC stored

    Hi, After upgrading the cisco ftd the logs in QRadar are with Low Level Category stored and the payload is: <172>Oct 17 2019 13:37:35 "log-source" : %FTD-4-733100: [ Scanning] drop rate-2 exceeded. Current burst rate is 5 per second, max configured ...

  • The give-back mentioned is there to cover internal/built-in events (System notification, Health, CRE ...) . I would expect them generally to be up to 200 EPS. Though the licensing and license give-back are evaluated and applied every second, on few sites ...

  • That's not actually quite the whole story. IBM talk about "the queue", but there are actually multiple different queues - one for syslog, one for Wincollect, etc. They are also not all the same size (the syslog queue is large because it gets a lot of ...

Upcoming Events


Latest Articles

  • QRadar is now available to be deployed on the Google Cloud Platform IBM QRadar now has three listings on the Google Cloud Marketplace for customers to deploy Console, Managed Host, or App Host appliances to run on virtual machines on Google Compute ...

  • When looking to address security information and event management (SIEM) use cases, clients and partners require deployment flexibility across and, increasingly, the cloud. They need a strategic path to migrate production workloads to the cloud and ...

  • Containers are an operating system virtualisation technology used to package applications and their dependencies so that it can run anywhere. "write once, run anywhere." With more and more production containers and services being deployed into cloud ...

    2 people recommend this.
Community Members
1329 Members
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin
group Admin