IBM Security QRadar

 View Only

QRadar_2000x200.jpg
Welcome to the IBM Security QRadar User Community
As a participant, connect with QRadar subject matter experts and get answers to your biggest concerns on detecting and stopping advanced threats, insider threats, compliance, and your cloud strategy. Also, share ideas, benchmarks, best practices, and lessons learned with other QRadar users.

As a member of this online user community, you gain:

  • Direct engagement with IBM subject matter experts
  • Tips and tricks from your industry peers
  • News, announcements, and enhancement details


You’ll also get information regarding our regional and virtual user group meetings, upcoming webinars, how-to blogs, and training.
We invite you to participate and ask that you contact support@communitysite.ibm.com with any questions.

Latest Discussions

  • Hello, We have an log management solution Crowdstrike (Humio - formerly known) Falcon Logscale receives events from actual log source Palo Alto firewall, filters events and forwards only the interested to events to QRoC via QRadar collector server in ...

  • Hello, We have an log management solution Crowdstrike (Humio - formerly known) Falcon Logscale receives events from actual log source Palo Alto firewall, filters events and forwards only the interested to events to QRoC via QRadar collector server in ...

  • Hallo Haitan, Use the formatting function LONG() for 'count' then the comparision works with unformatted numbers. SELECT "userName" AS 'Username', logsourcename(logSourceId) AS 'Log Source', LONG(COUNT(*)) AS 'Count' from events where Username IS NOT ...

    1 person likes this.

Latest Blogs

  • To all of our WinCollect users, we have some exciting news. With the previous release of WinCollect 10.1.1 and the support for mTLS that went along with it, the next release of WinCollect 10.1.2 comes with added support for using ...

    1 person likes this.
  • Hi guys I wanted to talk with you about a platform where you can look at the Mitre mapping of the QRadar content with another view . The platform I am talking about is Tidal ( Tidal website ). What Tidal allows you to do is to pivot in the att&ck ...

  • INTRODUCTION When a device sends logs to IBM QRadar, QRadar parses the events using a Device Support Module (DSM) so that it can fully utilize the normalized/parsed data for further processing. The DSM used depends on the type of device. A full list ...

    5 people like this.
  • Napatech Software Suite, which is the 3rd generation driver for Napatech adapters (3GD for short) is the Napatech's new stack that was released along with migration to RHEL7 in QRadar ("napatech" service is no longer supported in RHEL7). It is a broad ...

  • What is more important for cyber defense: tools or mindset? From my point of view SIEM Security starts with an aligned mindset! Of course, the tools are also important, but the right mindset and implementation are crucial. Just imagine a lowered barrier. ...

    1 person likes this.

Upcoming Events


Community Members
3840 Members
group Admin
group Moderator
group Leadership
group Admin
group Admin
group Moderator