QRadar can work in the Deployment Model which is master and slave environment. The single master is the console, which manages the configuration updates for all the managed hosts (slaves) available in the deployment set. The console only has the ability to read and write to Postgres database, while the all managed hosts have read-only... / READ MORE /
General
DSM Editor is multi-task editor, which let you parse any event received by QRadar box. QRadar supports more than 1000 Log Sources out of the box. It is possible because this type of SIEM software has installed a device support modules called DSMs, which let QRadar parse the logs. The most widely used software and... / READ MORE /
Please find below embedded three movies by Jose Bravo about migrating from App Node to App Host. App Host is new component in QRadar family. It has number 4000 and it works like normal Managed Host. You can doubled the component in High Availability cluster in the same way like other Managed Hosts in your... / READ MORE /
As promised in the last month, please find the second part of the QRadar 7.3.2 features article. As for today (mid of February), a new version is still not available for public, but I could see another new build generated in this month (20190201201121) and I believe we are days only from issuing a new... / READ MORE /
Soon (the first quarter of 2019), we can expect a new version of QRadar. This is a sneak peek at QRadar 7.3.2, which runs on RHEL 7.5. New version introducing so many improvements, that I could not list all of them at once. In this article, I describe only the most significant changes for me,... / READ MORE /