IBM QRadar SIEM: Installation, documentation and evaluation
2018 (Swedish) Independent thesis Basic level (university diploma), 10 credits / 15 HE credits
Student thesis
Abstract [en]
This work has been performed on behalf of a consulting company whose system consultant wishes to document basic knowledge regarding IBM QRadar SIEM. The work describes what IBM QRadar SIEM is and what it can do, as well as reviewing the installation of QRadar Community Edition and information about events and flows in a virtual environment. The work also reports the estimated time it takes to install QRadar CE and the applications used in this work. Documentation containing this information was created for the system consultant. It also addresses an ethical discussion regarding SIEM, other SIEM solutions and various types of network attacks.
Place, publisher, year, edition, pages
2018, p. 43
Keywords [en]
QRadar, SIEM, CentOS, WinCollect, SysMon, Installation, Event, Flow
National Category
Computer Engineering
Identifiers
URN: urn:nbn:se:miun:diva-36558
Local ID: DT-V18-G2-014
OAI: oai:DiVA.org:miun-36558
DiVA, id: diva2:1332566
Subject / course
Computer Engineering DT1
Educational program
Network Management TNÄTG 120 higher education credits
Supervisors
Examiners
2019-06-28 2019-06-28 2019-06-28 Bibliographically approved