IBM Support

QRadar Open Mic Webcast #8: Rules and Offenses (Part 1) - Tuesday, 17 March 2015 [includes link to replay; presentation slides are attached]

Webcasts


Abstract

Members of the IBM QRadar Support and QRadar Security team met with customers to discuss Rules and Offenses (Part 1).

Content

For this QRadar Open Mic session, QRadar Support, Security, and Development representatives were on the panel to discuss how rules and offenses work in QRadar products. The goal of this session was to provide an overview of rules to discuss building blocks, rule responses, and offenses. We also discussed specific rule types that we often get questions on, such as anomaly, threshold, and behavior rules. After the presentation, we opened the phone line to take call-in questions from the audience about rules and offenses. Throughout the event, attendees commented and asked questions in the IBM SmartCloud Meeting Web chat.

Due to the size and scope of this topic, there will be a follow-up open mic webcast (Rules & Offenses: Part 2) in April to discuss topics we did not cover during the time allotted.

NOTE: During this presentation, we were not able to discuss tuning questions about specific systems. These questions should be handled through service requests with QRadar support. This webcast is intended to discuss the principles and concepts of rules and offenses.

Our goal is to provide insight on how QRadar works and to teach on-going sessions that help both users and administrators understand, maintain, troubleshoot, and resolve issues with their QRadar Security Intelligence system.

  • Topic: QRadar Rules and Offenses (Part 1)
  • Date: Tuesday, March 17, 2015
  • Time: 11:00 AM ET (12:00 AT, 16:00 UTC/GMT, UTC -5 hours) for 60 minutes


How to ask questions after the event

We set aside a post in the QRadar Customer Forum for your topical questions. The advanced questions were added to the presentation slides and discussed during the open mic by the panel.

QRadar Customer Forum for advanced questions: https://ibm.biz/BdEUhy


Presentation
QRadarOpenMic#8.pdfQRadarOpenMic#8.pdf


Recording of session
A recording of the session is uploaded to the IBM Security Support You Tube channel:
https://www.youtube.com/watch?v=gQZenY4f1jU
49:57 minutes long


About Open Mic Webcasts

IBM Security Systems Support wants to help you take full advantage of your products. Join us for our Open Mic Webcast series as technical experts share their knowledge and answer your questions. These webcasts are designed to address specific topics and provide an in-depth and focused technical exchange in a convenient online webcast format.

Visit the Support technical exchanges for Security Systems page to see lists of all scheduled and past Open Mic events

To be notified about Security Support's Open Mic webcasts, follow us on Twitter @AskIBMSecurity.

[{"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"General Information","Platform":[{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"7.1;7.0;7.2","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
17 June 2018

UID

swg27045116

Page Feedback