IBM Security QRadar SIEM Administration & Advanced Topics

Virtual Instructor-Led Training

3 Days (24 Hours)

Minimize detection time for suspicious activities with QRadar SIEM. Focus on system configuration, data source setup, and custom rule development.

Course Objectives

Install and manage automatic updates to QRadar SIEM assets
Configure QRadar backup and restore policies
Leverage QRadar administration tools to aggregate, review, and interpret metrics
Use network hierarchy objects to manage QRadar SIEM objects and groups
Manage QRadar hosts and licenses and deploy assets

Download course details

Upcoming Schedules

Course Prerequisites

Required

Basic knowledge of the purpose and use of a security intelligence platform

Familiarity with custom rules

Familiarity with the Ariel database and its purpose in QRadar SIEM

Familiarity with the Linux command line interface and PuTTY

IBM Security QRadar SIEM Foundations

IT infrastructure

Course Outline

Auto Update

Backup and Recovery

Index and Aggregated Data Management

Network Hierarchy

System Management

License Management

Deployment Actions

High-Availability Management

System Health and Master Console

System Settings and Asset Profiler Configuration

Custom Offense Close Reasons

Store and Forward

Reference Set Management

Centralized Credentials

Forwarding Destinations

Routing Rules

Domain Management

Users, User Roles, and Security Profiles

Authentication

Authorized Services

Backup and Recovery

Custom Asset Properties

Log Sources

Log Source Groups

Log Source Extensions

Log Source Parsing Ordering

Custom Properties

Event and Flow Retention

Flow Sources

Flow Sources Aliases

VA Scanners

Remote Networks and Services

IBM Security QRadar SIEM Administration and Advanced Topics

Upcoming Schedules

Course Prerequisites

Required

Course Outline