How To
Summary
The QRadar Use Case Manager application allows administrators to evaluate and tune specific portions of QRadar, review rule coverage, and more. Administrators who want the Use Case Manager to evaluate rules must export their rules from QRadar using the generate-rules-script.sh utility. This utility generates an XML copy of the current QRadar rule set and can be automated so the administrators can import the information in to the QRadar Use Case Manager application to keep their rules up-to-date with the latest changes.
Objective
Notice: The QRadar® Tuning app has been renamed to QRadar Use Case Manager. The support article that describes how to export rules to an XML file for the Use Case Manager app has been moved here: https://www.ibm.com/support/pages/node/875162
Document Location
Worldwide
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Component":"Use Case Manager App","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
25 October 2019
UID
ibm11098951