Posted By
Martijn Groenewegen
Wed July 17, 2019 03:31 PM
Found In
Egroup:
IBM Security QRadar
\
view thread
If you use the bypass correlation option , you cant see the rules that would have been triggered anymore on the event i guess, so depending on what you want to accomplish you could also make an bb with the domain in it and ad it to the BB for false positve management. Then you can see all the rules on ...
|