Problems being faced by the customer/Specific business need/Pain point to address

-Lack of capability/expertise to carry out the integration/log analysis and use case development.
-Involved Production deployments –

Solutions applied:

-Log Collection – Standard log source attachment – IBM PIM

  • Out-of-the-box (OOB) support was available for this log source, but some critical configuration changes and database modifications were required on the PIM side in order to pull audit events into QRadar.

-Use case creation

  • Developed custom use cases and dashboards based on privileged monitoring scenarios and available data sources.
  • Developed custom views/menu options to drill down into the additional correlated information for the offenses generated.

Benefits delivered

-Helps to identify security issues and privilege escalations
-Enabled reporting on SLA violations through IBM QRadar