A QRadar administrator creates a new saved search in QRadar.
Which option does the administrator enable to allow this search to be opened as the Log Activity tab is opened?
When a QRadar administrator creates a new saved search and wants it to open by default whenever the Log Activity tab is opened, they need to enable the 'Set as Default' option. Here is a detailed explanation:
Creating a Saved Search: When saving a search in QRadar, the administrator can define specific criteria and filters to create a custom search that meets their requirements.
Set as Default Option: By enabling the 'Set as Default' option, the administrator ensures that this particular search will be automatically executed and displayed whenever the Log Activity tab is accessed. This saves time and provides immediate access to the most relevant data.
Benefits: Setting a default search streamlines the workflow for security analysts by presenting the most important or frequently used search results right away.
This feature enhances efficiency by ensuring that users are presented with the most pertinent data as soon as they access the Log Activity tab.
Reference IBM Security QRadar SIEM and IBM Security QRadar EDR integration.pdf
Dusti
6 months agoMoon
6 months agoParis
6 months agoMargurite
6 months agoVi
6 months agoCecily
6 months agoLenny
6 months agoFrancoise
6 months agoNgoc
6 months agoEulah
6 months agoTimothy
6 months agoRory
6 months agoGoldie
6 months agoKris
6 months agoAlysa
6 months ago