Each QRadar Custom Rules Engine instance evaluates hundreds of test conditions on thousands of events and flows per second in real-time. The resource consumption of testing can cause a high system load so that real-time processing degrades. Therefore, rule developers need to consider the computational cost of tests and optimize accordingly. This guide helps rule developers to write efficient custom rules and building blocks.
This roadmap provides a QRadar platform overview and explains core concepts and functionality. This roadmap uses five pathways for navigation.
These courses introduce you to basic QRadar concepts and architecture.
These courses explain the functional components and core concepts of QRadar.
These courses introduce you to the extensibility of the QRadar platform through deployment of additional apps.
IBM Digital badges provide valuable credentials that prove the skills you have obtained in a specific role.
Commercial courses cover a broad range of fundamental tasks.Tasks are described in the course summary of each course. If you prefer an instructor-led training program, these commercial courses are for you. The topics covered in the commercial courses can also be studied through Security Learning Academy online courses.
QRadar SIEM Administrator
QRadar Administrators deploy, configure, and maintain the overall QRadar infrastructure based on a holistic deployment architecture. They further maintain all operational tasks to ensure that the QRadar solution performs according to the key performance indicators.
These courses teach you how to perform operational tasks for your QRadar environment.
These courses teach you how to implement extensions and enhancements in your QRadar environment.
These courses teach you how to perform basic troubleshooting tasks in your QRadar environment.
QRadar SIEM Analyst
QRadar SIEM Analysts are responsible for monitoring security incidents, investigating security event log information and network flows, scheduling vulnerability scanning, and coordinating remediation activities.
These courses teach you how to investigate and remediate security threats in your IT environment Operational Tasks
QRadar SIEM Architect
QRadar SIEM Architects work in unison with IT Security Architects in an organization to design the holistic QRadar deployment architecture by integrating important log sources, network flows, assets, and user population.