Qradar CE
-
Has anyone tried Qradar CE or full Qradar on their network? I've only used it at work, and that version is robust. I'm wondering if it's comparable to Graylog or other log ingestion tools. Maybe there's a better tool for the same purpose?
-
Has anyone tried Qradar CE or full Qradar on their network? I've only used it at work, and that version is robust. I'm wondering if it's comparable to Graylog or other log ingestion tools. Maybe there's a better tool for the same purpose?
If it's open source, why not bump up those thresholds a bit and go to town?
-
@DustinB3403 said in Qradar CE:
Has anyone tried Qradar CE or full Qradar on their network? I've only used it at work, and that version is robust. I'm wondering if it's comparable to Graylog or other log ingestion tools. Maybe there's a better tool for the same purpose?
If it's open source, why not bump up those thresholds a bit and go to town?
It's OS? I never found the license info.
-
@scottalanmiller said in Qradar CE:
@DustinB3403 said in Qradar CE:
Has anyone tried Qradar CE or full Qradar on their network? I've only used it at work, and that version is robust. I'm wondering if it's comparable to Graylog or other log ingestion tools. Maybe there's a better tool for the same purpose?
If it's open source, why not bump up those thresholds a bit and go to town?
It's OS? I never found the license info.
I never said it was, I asked if it is.
-
@DustinB3403 said in Qradar CE:
@scottalanmiller said in Qradar CE:
@DustinB3403 said in Qradar CE:
Has anyone tried Qradar CE or full Qradar on their network? I've only used it at work, and that version is robust. I'm wondering if it's comparable to Graylog or other log ingestion tools. Maybe there's a better tool for the same purpose?
If it's open source, why not bump up those thresholds a bit and go to town?
It's OS? I never found the license info.
I never said it was, I asked if it is.
They use Docker on a CentOS platform distributed via an OVA. Licensing is based on events per second.