In this video series, Jose Bravo explains how to use the IBM Security QRadar Use Case Manager App to keep your QRadar deployment properly tuned using the following parts:

• Introduction
  
• Noisy offenses
• Rules with the most CRE events
  
• Network Hierarchy
  
• Building Blocks and Reference Sets

Based on real-world best practice experience, Jose Bravo explains several tuning approaches to IBM Security QRadar User Behavior Analytics deployments, covering the following aspects:

• Importing users the right way
  
• Indexing properly
• What log sources to use
• Utilizing asset information
• Risk threshold and other app settings
• Enabling and tuning rules

In this course, you learn how to create IBM Security QRadar domains and tenants using both the user interface and the RESTful API. You send events to QRadar and see how they get assigned to domains and why. You understand the difference between domain aware and domain unaware rules. You create a shared data rule and perform tests to see how this rule works in comparison with QRadar rules without a domain assignment.