0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Building a Next-Gen SOC with IBM QRadar

You're reading from Building a Next-Gen SOC with IBM QRadar Accelerate your security operations and detect cyber threats effectively

Product type Paperback

Published in Jun 2023

Publisher Packt

ISBN-13 9781801076029

Length 198 pages

Edition 1st Edition

Tools

IBM QRadar

Concepts

Cybersecurity

Author (1):

Ashish Kothekar

View More author details

Table of Contents (18) Chapters

Preface

1. Part 1: Understanding Different QRadar Components and Architecture

2. Chapter 1: QRadar Components FREE CHAPTER

3. Chapter 2: How QRadar Components Fit Together

4. Chapter 3: Managing QRadar Deployments

5. Part 2: QRadar Features and Deployment

6. Chapter 4: Integrating Logs and Flows in QRadar

7. Chapter 5: Leaving No Data Behind

8. Chapter 6: QRadar Searches

9. Chapter 7: QRadar Rules and Offenses

10. Part 3: Understanding QRadar Apps, Extensions, and Their Deployment

11. Chapter 8: The Insider Threat – Detection and Mitigation

12. Chapter 9: Integrating AI into Threat Management

13. Chapter 10: Re-Designing User Experience

14. Chapter 11: WinCollect – the Agent for Windows

15. Chapter 12: Troubleshooting QRadar

16. Index

Why subscribe?

17. Other Books You May Enjoy

Services involved in a QRadar search

QRadar searches, if not designed well, can lead to performance issues on QRadar. The various symptoms that we can see (not necessarily only because of bad search) are as follows:

Searches become slow
Reports take a lot of time to complete (especially reports that are run manually on raw data)
The QRadar UI becomes slow
QRadar partition for /transient may become full

Apart from these, however, there could be many more issues that could arise. To resolve such issues, you should know which services need to be restarted (if ever), and this section is intended to make you aware of these very services. Let’s get started!

In Chapter 1, we discussed all the major services in QRadar. Out of those, the following are the services that are involved when running searches:

Tomcat service: Whenever you want to create or run a search, open the QRadar Console and go to Log Activity. The QRadar UI is controlled by the...

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Authors (2)

Ashish Kothekar

Ashish Kothekar

Ashish has a total experience of more than 15 years working for IBM on various different platforms. He is currently working as tech evangelist for IBM Security products. He has been instrumental in developing more than 10 IBM certification exams including IBM products like QRadar, Cloud Pak for Security, IBM SiteProtector, IBM XGS, etc. He has worked with multiple customers on deploying and then upgrading IBM security products. He has contributed regularly by writing blogs and giving talks on security products. He has published many redpapers on the integration of security products with IBM Storage solutions like IBM Spectrum scale. These redpapers are now full-fledged solutions that are being sold. He has also cleared two Mandarin language exams and is HSK2 qualified.

See other products by Ashish Kothekar

Ashish M Kothekar

Ashish M Kothekar

Ashish has a total experience of more than 15 years working for IBM on various different platforms. He is currently working as tech evangelist for IBM Security products. He has been instrumental in developing more than 10 IBM certification exams including IBM products like QRadar, Cloud Pak for Security, IBM SiteProtector, IBM XGS, etc. He has worked with multiple customers on deploying and then upgrading IBM security products. He has contributed regularly by writing blogs and giving talks on security products. He has published many redpapers on the integration of security products with IBM Storage solutions like IBM Spectrum scale. These redpapers are now full-fledged solutions that are being sold. He has also cleared two Mandarin language exams and is HSK2 qualified.

See other products by Ashish M Kothekar

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m