New in
7.4.1 A user with root
access can unlock hosts that are locked out of IBM®
QRadar®.
About this task
A host can be locked out of QRadar if there are too many
failed login attempts from that host.
Procedure
- Using SSH, log in to your system as the root user.
- Unlock specific hosts or all user hosts.
- Unlock specific hosts by typing the following
command:
/opt/qradar/bin/runjava.sh com.ibm.si.security_model.authentication.AuthenticationLockoutCommandLineTool --remove-ip <host_IP_address1> <host_IP_address2> <host_IP_address3>
- Unlock all hosts by typing the following
command:
/opt/qradar/bin/runjava.sh com.ibm.si.security_model.authentication.AuthenticationLockoutCommandLineTool --remove-all-ips