List of Contributions

John Wyckoff

IBM

Contact Details

IBM

My Content

1 to 3 of 3 total
Posted By John Wyckoff Mon August 09, 2021 10:53 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Some fun and games installing Resilient, AppHost and QRadar in IBM Cloud instance. Issues: * IBM Cloud NAT to access Resilient UI * Can Putty to outside address of AppHost, but need copy/paste Solution that took a bit to figure out....not because it was hard.....I just did not connect the dots... ...
Posted By John Wyckoff Wed January 29, 2020 11:55 AM
Found In Egroup: IBM Security QRadar
\ view thread
Create a event search for 'Log Source Type' by count, or 'Log Source' by count. Can export to Excel for tables and graphs. ------------------------------ John Wyckoff QRadar Dude (Ex-BigFixer) IBMer (twice, with stints at Intel and Novell) Located in New England, cover North America 802-825-5863 ...
Posted By John Wyckoff Fri January 17, 2020 02:28 PM
Found In Egroup: IBM Security QRadar
\ view thread
To EC or not to EC.......good question. In general, almost every QRadar installation could use the increased efficiency by pre-processing the data on the EC before handing to the EP. The work-time-cost to implement an EC is what QRadar admins need to look at. * Adding an EC to an EP does not remove ...