Security Intelligence Latest
Security Intelligence Latest Courses:
In this video, you learn how to use rule explorer in the QRadar Use Case Manager app, which offers flexible reports related to your rules. QRadar Use Case Manager also packages the Cyber Advisory Framework Mapping application to expose pre-defined mappings to system rules and to help you map your own custom rules to MITRE ATT&CK tactics and techniques.
In this course, you learn about the high availability (HA) design for QRadar, including setup and synchronization of HA hosts, and how to work with host states in a failover situation.
The Ariel Query Language (AQL) is a structured query language that you use to communicate with the Ariel databases. You can use AQL to extract, filter, and perform actions on event and flow data that you extract from the Ariel database in IBM Security QRadar. AQL is used for advanced searches to get data that might not be easily accessible from the user interface. This provides extended functionality to QRadar's search and filtering capabilities. In this lab you learn how to utilize AQL for some advanced search tactics inside QRadar SIEM.
Learn how IBM QRadar uses the JDBC protocol, and how to configure a JDBC Log Source in the QRadar Log Source Manager application.