IBM QRadar: Main Commands and Files
Revision as of 18:34, 31 January 2025
Main files
The default installation is located in the directory:
/opt/qradar/
|- bin/
|  |- ariel_query -> Run an Ariel query from the command line.
|  |- apply_appliance_tunings.pl -> Apply Appliance Tunings settings
|  |- logrun.pl -> Send logs to QRadar
|  |- qchange_netsetup -> Changes the IP, DNS, ...
|- conf/
|  |- nva.conf -> One of QRadar's main configuration files
|- support
|  |- qappmanager -> verify status of all apps
|- upgrade
|  |- util
|  |  |- setup
|  |  |  |- upgrades
|  |  |  |  |- do_deploy.pl -> deploy events for
|- conf
/store -> is used as the directory for DB, Config. deployment files, and all stored events and flows data.
Commands
ariel_query
ariel_query --no-verify -u admin --output table --query "select QIDNAME(QID) from EVENTS limit 10"