IBM Security QRadar SIEM Administration and Advanced Topics
Learn to use administrative tools, process uncommon QRadar events, trigger alerts of suspicious activity, and develop custom rules.
In this course, you will learn how to minimize the time gap between when suspicious activity occurs and when you detect it. There are a variety of administrative tools you can use to manage a QRadar SIEM deployment. The next level of this course focuses on attacks and policy violations. These vulnerabilities leave their footprints in log events and network flows of your IT systems. To connect the dots, QRadar SIEM correlates these scattered events and flows into offenses that alert you to suspicious activities.
This course covers system configuration, data source configuration, and remote networks and services configuration. You will be able to configure processing of uncommon events, work with reference data, and develop custom rules using the skills taught in this course.