IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to Library

September 2025 - IBM QRadar Monthly: Search and AQL Optimization - Replay 

23 days ago

Search is at the heart of QRadar, and this session is all about making it faster, smarter, and more efficient. We’ll walk through recent and upcoming improvements, new ways to visualize and refine queries, and best practices for indexing, query structure, and retention buckets. If you're looking to reduce search time and improve cost efficiency, this webinar is for you.

Agenda

  • Overview of features released in UP12, UP13, and UP14
  • Preview of planned features in UP15
  • Enhancements to search functionality, including:
    • Visualizing ongoing searches
    • Searching by Event Collector hostname
    • Partial search during query execution
  • Tired Storage architecture and use cases
  • Improvements in search speed and cost efficiency
  • Best practices for search optimization (indexing, query structure, etc.)
  • Tips for using retention buckets to accelerate searches
  • Troubleshooting guidance for common search issues

Statistics
0 Favorited
18 Views
1 Files
0 Shares
6 Downloads