In this video, you learn how to use rule explorer in the QRadar Use Case Manager app, which offers flexible reports related to your rules. QRadar Use Case Manager also packages the Cyber Advisory Framework Mapping application to expose pre-defined mappings to system rules and to help you map your own custom rules to MITRE ATT&CK tactics and techniques.

In this course, you learn about the high availability (HA) design for QRadar, including setup and synchronization of HA hosts, and how to work with host states in a failover situation.

The Ariel Query Language (AQL) is a structured query language that you use to communicate with the Ariel databases. You can use AQL to extract, filter, and perform actions on event and flow data that you extract from the Ariel database in IBM Security QRadar.

AQL is used for advanced searches to get data that might not be easily accessible from the user interface. This provides extended functionality to QRadar's search and filtering capabilities.

In this lab you learn how to utilize AQL for some advanced search tactics inside QRadar SIEM.

Learn how IBM QRadar uses the JDBC protocol, and how to configure a JDBC Log Source in the QRadar Log Source Manager application.