QRadar 7.3.2 – Top 5 New Features


1- Enhanced parsing support for CEF and LEEF events:

With new capabilities in the DSM Editor, we can parse both standard and custom properties from events in CEF and LEEF format without writing regular expressions (regex). By enabling “Property autodiscovery”, all available fields can be parsed as custom properties for log sources that support CEF and LEEF events.
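CEF and LEEF events carry a fixed pipe-delimited header followed by key=value pairs, which is why their fields can be discovered without a regex per property. The Python sketch below is an added example, not IBM's code and not how QRadar implements autodiscovery; it parses a CEF event and a LEEF 1.0 event, and the sample events and all function names are constructed for illustration.

```python
import re

CEF_HEADER = "version vendor product device_version signature_id name severity".split()
LEEF_HEADER = "version vendor product product_version event_id".split()  # LEEF 1.0: tab-separated pairs follow
_START = re.compile(r"(CEF:\d+|LEEF:1\.0)\|")   # lets us skip a syslog prefix
_CEF_KEY = re.compile(r"(?:^|(?<=\s))(\w+)=")    # key at start or after whitespace

def split_header(line, n_fields):
    """Take n_fields pipe-delimited fields; a backslash escapes the next character."""
    fields, cur, i = [], "", 0
    while i < len(line) and len(fields) < n_fields:
        if line[i] == "\\" and i + 1 < len(line):
            cur, i = cur + line[i + 1], i + 2
        elif line[i] == "|":
            fields, cur, i = fields + [cur], "", i + 1
        else:
            cur, i = cur + line[i], i + 1
    if len(fields) < n_fields:
        raise ValueError("truncated header")
    return fields, line[i:]

def unescape(value):  # CEF extension escapes: \= \\ \n \r
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "r": "\r"}.get(m[1], m[1]), value)

def parse_cef_extension(ext):
    """Values may contain spaces, so each value runs up to the next ' key='."""
    hits = list(_CEF_KEY.finditer(ext))
    ends = [h.start() for h in hits[1:]] + [len(ext)]
    return {h[1]: unescape(ext[h.end():e].rstrip()) for h, e in zip(hits, ends)}

def parse_event(line):
    start = _START.search(line)
    if not start:
        raise ValueError("not a CEF or LEEF 1.0 event")
    body = line[start.start():]
    if body.startswith("CEF:"):
        fields, ext = split_header(body, len(CEF_HEADER))
        return dict(zip(CEF_HEADER, fields)), parse_cef_extension(ext)
    fields, ext = split_header(body, len(LEEF_HEADER))
    props = dict(p.split("=", 1) for p in ext.split("\t") if "=" in p)
    return dict(zip(LEEF_HEADER, fields)), props

# Constructed sample events (not taken from a real device)
CEF_SAMPLE = (r"<134>Jan 10 12:00:00 fw01 CEF:0|ExampleCorp|Firewall|1.0|100|"
              r"Blocked \| dropped|5|src=10.0.0.5 dst=192.0.2.10 spt=51515 "
              r"msg=Denied by policy a\=b act=blocked")
LEEF_SAMPLE = "LEEF:1.0|ExampleCorp|Proxy|2.3|LOGIN_FAIL|src=10.0.0.7\tusrName=alice\tsev=4"

if __name__ == "__main__":
    print(parse_event(CEF_SAMPLE), parse_event(LEEF_SAMPLE), sep="\n")
```

Every key returned in the second dictionary is a candidate custom property; the escaped pipe in the header and the escaped equals sign in `msg` are the cases a naive split gets wrong.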

2- Rule performance visualization:

Rule performance visualization gives the ability to assess the efficiency of rules in the QRadar pipeline directly from the Rules page. Expensive rules can be monitored to ensure that they do not cause performance issues later.

3- More secure operating system and new health check framework:

QRadar V7.3.2 runs on Red Hat Enterprise Linux version 7.5. The update to RHEL V7.5 is necessary to continue receiving security updates from Red Hat Enterprise Linux.

DrQ is announced as a health check framework to address issues before major events such as upgrades. This utility can also be used as a daily driver.

4- Single sign-on authentication with SAML 2.0:

You can easily integrate QRadar with your identity server for authentication, so the need for a separate password can be eliminated.

5- New “App Host”:

With QRadar 7.3.2, App Hosts replace App Nodes to store and manage applications. App Hosts can be managed in the same way as other managed hosts. Updates will be managed by QRadar, and high availability deployment scenarios are applicable.

To see all the enhancements to performance, workflow, security, and user experience that the IBM® QRadar® 7.3.2 family of products offers, please check the following link:

https://www.ibm.com/support/knowledgecenter/SS42VS_7.3.2/com.ibm.qradar.doc/c_qradar_ov_whats_new_732.html