top of page

IBM QRadar Administration

Instructor Led Live Online training with complete hands on with lab access to the participants

Course Highlights

Hands on Training

Certified & Experienced Trainers

Request for Flexible Timings

Certificate of Completion

IBM QRadar Administration

Course Description

QRadar SIEM offers deep insight into network, user, and application activity. It provides collection, normalization, correlation, and secure storage of events, flows, assets, and vulnerabilities. Suspected alleged attacks and policy breaches are highlighted as offenses. In this course, one learns to traverse the user interface and investigate offenses. Participants are trained to search and analyze the information from which QRadar SIEM concludes a suspicious activity. Hands-on exercises reinforce the skills learned.


Target Audience

This entry level certification is intended for administrators who can demonstrate basic support and technical knowledge of IBM Security QRadar SIEM

Course Pre-Requisite

Basic knowledge of:
Basic Query Language
Regular Expressions
Linux commands and file management
Network Infrastructures and devices
System architecture design
Security technologies such as firewalls, encryption using keys, SSL, HTTPS, etc.

Course Outline

Section 1: Implementing

• Plan and design QRadar deployment.
• Implement and install QRadar.
• Add Managed Hosts.

Section 2: Migrating and upgrading

• Plan QRadar upgrade and migration.
• Review documentation and release notes.
• Perform QRadar updates, patches and upgrades.
• Perform migration (e.g., backup and restore, import and export content).

Section 3: Configuring and administering tasks

• Configure event flow sources and custom properties.
• Maintain configuration and data backups.
• Create and administer users, user roles, and security profiles.
• Manage the license per allocation.
• Create, review and modify rules, building blocks and reference sets.
• Configure and manage retention policies (i.e., data and assets).
• Create and manage saved searches, index, global views, dashboards and reports.
• Deploy and manage applications and content packages.
• Configure global system notifications.
• Configure and apply network hierarchy.
• Configure and manage domain and tenants.
• Use the asset database.
• Schedule and run a VA scan.

Section 4: Monitoring

• Monitor QRadar Notifications and error messages.
• Review and interpret system monitoring dashboards.
• Verify QRadar processes and services.
• Monitor QRadar performance.
• Use apps and tools for monitoring (e.g., QDI, assistant app, incident overview, DrQ).
• Check system maintenance and health of appliances.
• Monitor offenses and detect anomalies.

Section 5: Troubleshooting

• Demonstrate knowledge of key commands to interpret QRadar services and processes.
• Explain error messages and notifications.
• Interpret the basic logs (e.g., qradar.error, qradar.log).
• Use embedded troubleshooting tools and scripts.

Training Modes


  • Learn on Your Own Time

  • 1-to-1 learning

  • Customized Solutions


  • Flexibility, Convenience

  • Time Saving

  • More Effective Learning

  • Cost Savings


  • Anytime, Anywhere
    Across The Globe

  • Hire A Trainer

  • At Your Own Pace

  • Customized Corporate Training



“I found the expert excellent and could resolve all my query and designed the course in an engaging format”

Pratibha Naidu

bottom of page