This is the second part of the article about DSM Editor. Please find the link here to the first part of this article. As mentioned there, DSM Editor can create a new Log Source, based on repeating information in any kind of log. Sample Log Suppose, that you are dealing with logs collected from the... / READ MORE /
QRadar SIEM
Installing an App Node in QRadar environment is only possible for QRadar 7.3.0 and QRadar 7.3.1. Below this number, in versions 7.2.6 to 7.2.8, you must not off-board apps from the console. Forward this version, since 7.3.2 App Node has been replaced by App Host and became the same component as the other Managed Hosts... / READ MORE /
Customising QRadar interface, after issuing version 7.3.0, is rather a simple task. Users, willing to do it, don't need to have more skills than editing and copying files in Linux. Obviously, don't do this in production systems. This is not supported. You do this on own risk only. Edit qradar.properties. Simple edit the file below,... / READ MORE /
QRadar backup is one of the most important feature to use by each system administrator. There are two types of backups - configuration backup and data backup. It is highly recommended to do backups on regular basis and by default, QRadar creates a backup nightly but you can reschedule and adjust it to your needs.... / READ MORE /
QRadar Log Sources are displayed in Log Activity tab where each event information is in a form of record from that log source. An event is a record from a device that describes an action on a network or host. SIEM normalizes the varied information found in raw events. QRadar SIEM supports many protocols, to receive raw... / READ MORE /