Earn IBM VIP Rewards points from the SLA! Click here to complete a 2-step process and see participating courses.
In this lab, you configure your deployment to receive QRadar Network Insights (QNI) traffic. QNI provides more detail about the traffic on your network because you can view the payload contents, rather than just metadata from the TCP packet.
You create the reference sets and rules required for QNI offenses. Then, you investigate your traffic based on these offenses. In addition, this lab demonstrates the deep level of detail that you can view in your traffic.