All in One Offer! | Access Unlimited Courses in any category starting at just $29. Offer Ends in:

Browse Library

  • Business Solutions
  • Become an Instructor
  • 0
    Shopping Cart

    Your Cart is empty. Keep shopping to find a course!

    Browse Courses
Free
3 days left at this price!

This plan includes

  • Limited free courses access
  • Play & Pause Course Videos
  • Video Recorded Lectures
  • Learn on Mobile/PC/Tablet
  • Quizzes and Real Projects
  • Lifetime Course Certificate
  • Email & Chat Support
Get Unlimited Learning Access
$29
3 days left at this price!
30-Day Money-Back Guarantee

This plan includes

  • Access to 11,000+ Courses
  • Ads free experience Courses
  • Play & Pause Course Videos
  • HD Video Recorded Lectures
  • Learn on Mobile/PC/Tablet
  • Quizzes and Real Projects
  • Lifetime Course Certificate
  • Instructor Direct Support
  • Email & Chat Support
  • Cancel Anytime
$29
$29
$29
  • QRadar Administration

Hello everyone!

My name is Daniel Koifman, a recognized IBM Subject Matter Expert for QRadar, CASP+ Certified.

In this course, I will be showing you all of the most important subjects you need to know in order to be a skilled QRadar administrator, in addition to various real-world scenarios and best practices.

The course is divided into the following 15 sections:

  1. Introduction &  Installation

  2. QRadar overview

  3. Rules

  4. Working with Reference Data

  5. QRadar Administration - System Configuration

  6. QRadar Administration - Performance Optimization

  7. QRadar Administration - Data Source Configuration

  8. QRadar Administration - Accuracy Tuning

  9. QRadar Administration - User Management

  10. QRadar Administration - Reporting, Searching & Offense Management

  11. QRadar Administration - Tenants and Domains

  12. QRadar Administration - Troubleshooting

  13. Working with the QRadar Console

  14. Working with the API

  15. Practical Use Cases for New/Existing Deployments

 

Each section was carefully designed based on all of my experience working as a Senior Threat Detection engineer for fortune-500 and for MSSPs. This is the ONLY course with a detailed, in-depth practical use cases section, which will show you common problems that administrators are facing throughout the world. I developed this section based on my endless hours of trial & error and independent research, so I hope all of you can learn very useful things in the course, regardless of skill level!

  • Recommended basic knowledge of Computers, Networking, and Cyber Security.
  • SOC Analysts who work with QRadar
  • Detection Engineers
  • SIEM Engineers
  • QRadar Administrators
View More...
  • Section 1 : Introduction & Installation 8 Lectures 00:33:22

    • Lecture 1 :
    • A quick word from me to you Preview
    • Lecture 2 :
    • Introduction & About the instructor
    • Lecture 3 :
    • Introduction to SIEM
    • Lecture 4 :
    • Introduction to QRadar
    • Lecture 5 :
    • Installing QRadar
    • Lecture 6 :
    • Ingesting events from a Windows machine
    • Lecture 7 :
    • Ingesting events from PfSense Firewall
    • Lecture 8 :
    • Please read this BEFORE installing QRadar!
  • Section 2 : QRadar overview 3 Lectures 00:21:56

    • Lecture 1 :
    • User Interface
    • Lecture 2 :
    • Log Activity basic searching
    • Lecture 3 :
    • QRadar Services
  • Section 3 : Rules 10 Lectures 01:22:14

    • Lecture 1 :
    • Requirements for upcoming application installations
    • Lecture 2 :
    • Use Case Manager, Rules and Building Blocks
    • Lecture 3 :
    • Using AQL inside rules
    • Lecture 4 :
    • Troubleshooting rules
    • Lecture 5 :
    • Optimizing rules
    • Lecture 6 :
    • Identifying expensive rules
    • Lecture 7 :
    • Practical Example #2 - Firewall rules
    • Lecture 8 :
    • Practical Example #3 - Translating Threat Reports to Rules
    • Lecture 9 :
    • Practical Example #1 - SIGMA Rules Pt. 1
    • Lecture 10 :
    • Practical Example #1 - SIGMA Rules Pt. 2
  • Section 4 : Working with Reference Data 4 Lectures 00:24:35

    • Lecture 1 :
    • Different Types of Reference Data
    • Lecture 2 :
    • Using Reference Data with the default user interface
    • Lecture 3 :
    • Integrating Reference Data and Rules
    • Lecture 4 :
    • Advice on dealing with massive amounts of Reference Data
  • Section 5 : QRadar Administration - System Configuration 6 Lectures 00:25:48

    • Lecture 1 :
    • Managed hosts
    • Lecture 2 :
    • Network heirarchy
    • Lecture 3 :
    • Automatic updates
    • Lecture 4 :
    • Event retention
    • Lecture 5 :
    • Backup and recovery
    • Lecture 6 :
    • Custom offense Email templates
  • Section 6 : QRadar Administration - Performance Optimization 3 Lectures 00:18:24

    • Lecture 1 :
    • Index management
    • Lecture 2 :
    • Configuring resource restrictions
    • Lecture 3 :
    • Routing Rules
  • Section 7 : QRadar Administration - Data Source Configuration 8 Lectures 00:39:53

    • Lecture 1 :
    • XPath queries
    • Lecture 2 :
    • Log source management
    • Lecture 3 :
    • Event coalescing
    • Lecture 4 :
    • Log source groups
    • Lecture 5 :
    • Exporting event data
    • Lecture 6 :
    • Custom log source types (DSM) / Event Mappings
    • Lecture 7 :
    • Custom AQL Properties
    • Lecture 8 :
    • Custom event properties
  • Section 8 : QRadar Administration - Accuracy Tuning 3 Lectures 00:12:16

    • Lecture 1 :
    • Configuring MaxMind GeoIP
    • Lecture 2 :
    • Verifying GeoIP Changes
    • Lecture 3 :
    • Configuring X-Force Integration
  • Section 9 : QRadar Administration - User Management 4 Lectures 00:13:18

    • Lecture 1 :
    • Managing users
    • Lecture 2 :
    • User roles
    • Lecture 3 :
    • Security profiles
    • Lecture 4 :
    • Managing user authentication & authorization
  • Section 10 : QRadar Administration - Reporting, Searching & Offense Management 4 Lectures 00:26:15

    • Lecture 1 :
    • Managing reports
    • Lecture 2 :
    • Utilizing different search types
    • Lecture 3 :
    • Managing offenses
    • Lecture 4 :
    • Sharing content among users
  • Section 11 : QRadar Administration - Tenants and Domains 4 Lectures 00:18:00

    • Lecture 1 :
    • Differentiating between network hierarchy and domain definition
    • Lecture 2 :
    • Managing domains and tenants
    • Lecture 3 :
    • Monitoring license usage
    • Lecture 4 :
    • Assigning users to tenants
  • Section 12 : QRadar Administration - Troubleshooting 4 Lectures 00:16:08

    • Lecture 1 :
    • Responding to and dealing with system notifications
    • Lecture 2 :
    • Troubleshooting common issues
    • Lecture 3 :
    • Troubleshooting applications
    • Lecture 4 :
    • Troubleshoot service performance
  • Section 13 : Working with the QRadar Console 9 Lectures 00:21:43

    • Lecture 1 :
    • Connecting to the Console
    • Lecture 2 :
    • QRadar filesystem
    • Lecture 3 :
    • Running AQL inside the Console
    • Lecture 4 :
    • Troubleshooting services
    • Lecture 5 :
    • Troubleshooting events rate and connectivity
    • Lecture 6 :
    • Performing a manual deploy
    • Lecture 7 :
    • Reverting SSL certificate to locally signed
    • Lecture 8 :
    • Deleting a rule directly from the Console
    • Lecture 9 :
    • Useful Console commands list
  • Section 14 : Working with the API 2 Lectures 00:12:47

    • Lecture 1 :
    • QRadar API basics
    • Lecture 2 :
    • Example - Python script with QRadar API
  • Section 15 : Practical Use Cases for New/Existing Deployments 13 Lectures 00:24:16

    • Lecture 1 :
    • Alerting on non-reporting log sources
    • Lecture 2 :
    • Alerting on non-reporting domains
    • Lecture 3 :
    • Alerting on disabled custom properties
    • Lecture 4 :
    • Alerting on disk usage exceeded warning/maximum threshold
    • Lecture 5 :
    • Alerting on events dropped
    • Lecture 6 :
    • DSM "Failed to load data" error
    • Lecture 7 :
    • Creating useful dashboards with Pulse
    • Lecture 8 :
    • Working with Threat Intelligence
    • Lecture 9 :
    • Working with QRadar Deployment Intelligence
    • Lecture 10 :
    • Mandatory steps after upgrading Console CPU
    • Lecture 11 :
    • Logs are being truncated / split
    • Lecture 12 :
    • Section notes
    • Lecture 13 :
    • Notes about updating applications
  • Section 16 : Course End - Congratulations! 1 Lectures 00:01:43

    • Lecture 1 :
    • End Notes
  • How do i access the course after purchase?

    It's simple. When you sign up, you'll immediately have unlimited viewing of thousands of expert courses, paths to guide your learning, tools to measure your skills and hands-on resources like exercise files. There’s no limit on what you can learn and you can cancel at any time.
  • Are these video based online self-learning courses?

    Yes. All of the courses comes with online video based lectures created by certified instructors. Instructors have crafted these courses with a blend of high quality interactive videos, lectures, quizzes & real world projects to give you an indepth knowledge about the topic.
  • Can i play & pause the course as per my convenience?

    Yes absolutely & thats one of the advantage of self-paced courses. You can anytime pause or resume the course & come back & forth from one lecture to another lecture, play the videos mulitple times & so on.
  • How do i contact the instructor for any doubts or questions?

    Most of these courses have general questions & answers already covered within the course lectures. However, if you need any further help from the instructor, you can use the inbuilt Chat with Instructor option to send a message to an instructor & they will reply you within 24 hours. You can ask as many questions as you want.
  • Do i need a pc to access the course or can i do it on mobile & tablet as well?

    Brilliant question? Isn't it? You can access the courses on any device like PC, Mobile, Tablet & even on a smart tv. For mobile & a tablet you can download the Learnfly android or an iOS app. If mobile app is not available in your country, you can access the course directly by visting our website, its fully mobile friendly.
  • Do i get any certificate for the courses?

    Yes. Once you complete any course on our platform along with provided assessments by the instructor, you will be eligble to get certificate of course completion.
  • For how long can i access my course on the platform?

    You require an active subscription to access courses on our platform. If your subscription is active, you can access any course on our platform with no restrictions.
  • Is there any free trial?

    Currently, we do not offer any free trial.
  • Can i cancel anytime?

    Yes, you can cancel your subscription at any time. Your subscription will auto-renew until you cancel, but why would you want to?

924 Course Views

1 Courses

Verified IBM QRadar Subject Matter Expert with experience working at a fortune-500 bank as a Senior Threat Detection Engineer. I am skilled in various areas of cybersecurity, defensive and offensive security, threat hunting/detection engineering, SIEM/SOC (QRadar, Splunk, Sentinel), SIGMA/YARA Rules and Python. Won 3rd place @ Splunk Boss of the SOC V8 EMEA Israel event. Comptia CASP+ certified.
View More...
  • Unmatched Variety and Value!
    Learnfly's monthly subscription offers unlimited access to a vast range of courses. Affordable pricing, compared to competitors, makes it the ultimate choice for continuous learning.
    Jessica M.

    4.7

    JM
  • Top-Notch Quality, Affordable Rates!
    High-quality courses with certified instructors make Learnfly stand out. The affordable pricing is a game-changer for those seeking premium education.
    Alex P.

    4.5

    AP
  • Certified Excellence Every Time!
    Learnfly's courses, taught by certified instructors, ensure top-notch learning experiences. The course completion certificates add significant value to one's skill set.
    Sarah R.

    4.3

    SR
  • Round-the-Clock Support!
    Learnfly goes the extra mile with 24/7 course support. Their dedication to helping students succeed is commendable.
    Ryan K.

    4.1

    RK
  • Learn Anywhere, Anytime!
    Whether on mobile, PC, or tablet, Learnfly's platform offers flexibility. Learning on the go has never been easier.
    Emily S.

    4.7

    ES
  • Job-Ready Skills!
    Learnfly's job-oriented courses equip learners with practical skills for the workplace. An investment in career growth!
    Jake M.

    4.2

    JM
  • Budget-Friendly Brilliance!
    Learnfly's pricing is a steal for the quality and variety of courses offered. Quality education without breaking the bank.
    Olivia T.

    4.5

    OT
  • Instructor Excellence Unleashed!
    Learn from the best with Learnfly's certified instructors. The platform ensures that knowledge is imparted by industry experts.
    Daniel L.

    4.0

    DL
  • Achievement Unlocked!
    Learnfly not only offers courses but also recognizes your efforts with course completion certificates. A sense of accomplishment with every course finished.
    Maya H.

    4.6

    MH
  • Learning Revolution!
    Learnfly's platform is a revolution in education. Access to unlimited courses at affordable rates is a game-changer.
    Ethan W.

    4.7

    EW
  • learn-nxtgen-hacking-with-technology

    Learn NxtGen Hacking with Technolog...

    By : Gopikrishna C

    Lectures 80 Beginner 8:29:27
  • tcp-ip-the-complete-course

    TCP/IP: The Complete Course

    By : Lazaro (Laz) Diaz

    Lectures 17 Beginner 1:52:18
  • voip-configuration-and-attacking-hacking

    VoIP Configuration and Attacking (H...

    By : Arpit Mittal

    Lectures 6 Beginner 0:10:40
  • practical-blockchain-smart-contracts-ethereum-solidity

    Practical Blockchain & Smart Contra...

    By : Abhilash Nelson

    Lectures 40 Beginner 4:56:0
  • complete-ethical-hacking-penetration-testing-for-web-apps

    Complete Ethical Hacking & Penetrat...

    By : Abhilash Nelson

    Lectures 30 Beginner 3:28:56
  • the-complete-xmpp-course-chat-server-setup-android-ios-apps

    The Complete XMPP Course: Chat Serv...

    By : Abhilash Nelson

    Lectures 10 Beginner 0:47:3

Students learning on Learnfly works with Fortune 500 companies around the globe.

Sign Up & Start Learning
By signing up, you agree to our Terms of Use and Privacy Policy
Reset Password
Enter your email address and we'll send you a link to reset your password.