A large volume of data aggregation can decrease your system performance. The IBM Security QRadar Ariel component uses a separate database for aggregated data in order to improve system performance and to make the data more readily available. Time series charts, report charts, and anomaly rules use aggregated data views. Learn how to use the Aggregated Data management tool to disable, enable, or delete aggregated data views.

In the IBM Security QRadar Console, you can use the Index Management tool to control database indexing on event and flow properties. By adding an indexed field in your search query, it helps to improve the speed of searches in QRadar by narrowing the overall data. Learn how to modify database indexing in the Index Management tool by making use of statistics before and after you enable or disable indexing on multiple properties.

In this IBM Security QRadar Support Open Mic you learn about the following topics:

• Searching Your QRadar data efficiently
• Utilize Quick Filters to search data
• Leveraging indexed properties in search queries
• Tips on searching data in QRadar

Every IBM Security QRadar SIEM Analyst has to master basic investigations skills. In this course, you learn how to use flexible Searches to narrow down your investigations by watching the following videos:

• Learning how to utilize the QRadar search functionality
• How to search data efficiently in QRadar using indexing
• How to search data efficiently in QRadar using quick filters

In this video, you review how to use the DSM Editor to select a log source type, configure property parsing, and create new event categories and mapping. You also examine the new features of the DSM Editor, which are contained in the Configuration section. 

This video focuses on the new features: log source autodetection and properties. These features are available with QRadar SIEM 7.3.3.

To prevent security breaches, QRadar Vulnerability Manager helps your organization to detect and evaluate vulnerabilities of your IT systems. In this lab, you learn how to scan for vulnerabilities and how to investigate detected vulnerabilities.

The exercises in this lab provide a broad introduction into the features of QRadar Vulnerability Manager. The exercises cover the following topics:

• Running a Patch Scan
  
• Exploring centralized credentials
  
• Adjusting environmental metrics for high-value IT systems
  
• Focusing on risky vulnerability instances
  
• Investigating the Heartbleed vulnerability
  
• Creating a Scan Policy with active tests
  
• Running a custom scan with active tests
  
• Creating an exception