Generating and receiving events with QRadar
QRadar is capable of receiving and parsing events from a variety of third-party security products. The full list of supported devices is available in the documentation and the several formats…
Changes in Traffic Analysis in 7.3.1
Among new features introduced in version 7.3.1, one of the most important would be a change in Traffic Analysis. Change reasons Many users have had issues with incorrectly auto detected log…
Performance degradation in QRadar on ecs-ec
Performance degradation occurs in QRadar on two main services ecs-ec and ecs-ep. Depends on service, which is affected (sometimes it can be on both at the same time), you need…