2 days
600 €*
No opened sessions
Notify me when available
* the price doesn't contain VAT taxes

DescriptionWhat we offer

IBM Security QRadar SIEM enables you to minimize the time gap between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. This course covers system configuration, data source configuration, and remote networks and services configuration.

ObjectivesWhat you learn

Learning objectives

  • Install and manage automatic updates to QRadar SIEM assets
  • Configure QRadar backup and restore policies
  • Leverage QRadar administration tools to aggregate, review, and interpret metrics
  • Use network hierarchy objects to manage QRadar SIEM objects and groups
  • Manage QRadar hosts and licenses and deploy assets
  • Monitor the health of assets in a QRadar deployment
  • Configure system settings and ass profiles
  • Configure reasons that QRadar administrators use to close offenses
  • Create and manage reference sets
  • Configure user accounts including user profiles and authorizations
  • Manage QRadar log sources
  • Store event and flow data
  • Manage QRadar flow sources
  • Manage groups that monitor Internet networks and services

TopicsThe best for you

Unit 1: Auto Update
Unit 2: Backup and Recovery
Unit 3: Index and Aggregated Data Management
Unit 4: Network Hierarchy
Unit 5: System Management
Unit 6: License Management
Unit 7: Deployment Actions
Unit 8: High Availability management
Unit 9: System Health and Master Console
Unit 10: System Settings and Asset Profiler Configuration
Unit 11: Custom Offense Close Reasons
Unit 12: Reference Set Management
Unit 13: Authorized Services
Unit 14: Users, User Roles, and Security Profiles
Unit 15: Log Sources
Unit 16: Log Source Extensions
Unit 17: Log Source parsing Ordering
Unit 18: Event and Flow Retention
Unit 19: Flow Sources
Unit 20: Flow Sources Aliases
Unit 21: Remote Networks and Services

Need this course inside your company?

PrerequisitesWhat should you know

Before taking this course, make sure that you have the following skills:

  • Basic knowledge of the purpose and use of a security intelligence platform
  • Familiarity with the Linux command line interface and PuTTY
  • Familiarity with Custom Rules engine (CRE) rules
  • Familiarity with the Ariel database and its purpose in QRadar SIEM
  • Students should attend BQ102G, IBM Security QRadar Foundations or be able to navigate and use the QRadar SIEM Console
  • Students should attend BQ132G, IBM Security QRadar SIEM Advanced Topics (optional)

AudienceWho should attend

This course is designed for QRadar SIEM administrators and professional services personnel managing QRadar SIEM deployments.