IBM QRadar Review

Log correlation is very useful for processing alerts


What is our primary use case?

  • CRM and billing system
  • 100 multiple technology servers: Windows AD, Linux, HP-UX, etc.
  • 40 firewall multiple routers 
  • Cisco Nexus switches

How has it helped my organization?

Log correlation is very useful for processing alerts. It serves to follow up alerts in real-time, building an entire workflow.

What is most valuable?

  • DSM parsing
  • Log correlation
  • X-Force connectivity
  • Ease of DSM customisation
  • Multiple reports

What needs improvement?

  • Data encryption
  • Flow encryption
  • Third-party compliance
  • Its architecture is very complicated.
  • Its hardware is Lenovo-based.

For how long have I used the solution?

Three to five years.
Disclosure: My company has a business relationship with this vendor other than being a customer: IBM Partner
Add a Comment
Guest

Sign Up with Email