gm09519
1 Post

Pinned topic Real time Stream event Visualization

‏2014-12-02T13:26:18Z |

Hi,

How can we get real-time streaming events from QRadar using the API, to display them graphically like http://map.ipviking.com?

  • Jason Keirstead (IBM)
    16 Posts
    ACCEPTED ANSWER

    Re: Real time Stream event Visualization

    ‏2014-12-02T13:51:26Z  

    We have considered a real-time streaming API but it does not exist yet. It may some day in the future. If you want to make this kind of visualization, you should simply query the API every minute for the previous minute's worth of data. This is fairly simple by specifying "last 1 minutes" at the end of your SQL query.

    It should be noted that on any reasonable system, even just 1 minute of remote data will give you an overwhelming amount of information to draw on such a graph, so you will probably want to apply some additional filtering criteria.
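
The polling approach from the accepted answer, as an added example that is not part of the original thread and is not IBM's code: one filtered, aggregated query per minute that ends in `LAST 1 MINUTES`. It assumes the QRadar Ariel search REST endpoints (`/api/ariel/searches`), a token sent in the `SEC` header, and a `magnitude` filter as the extra criterion; the function names and the `draw` callback are hypothetical.

```python
import json, time, urllib.parse, urllib.request

def build_aql(min_magnitude=6, limit=200):
    # int() rejects anything but a number, so a dashboard parameter
    # cannot change the query text. Filtering and grouping keep one
    # minute of data small enough to draw.
    return ("SELECT sourceip, destinationip, COUNT(*) AS hits FROM events "
            f"WHERE magnitude >= {int(min_magnitude)} "
            "GROUP BY sourceip, destinationip "
            f"LIMIT {int(limit)} LAST 1 MINUTES")

def http_json(method, url, token):
    # Assumed transport: authorized-service token in the SEC header.
    req = urllib.request.Request(
        url, method=method,
        headers={"SEC": token, "Accept": "application/json"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def fetch_last_minute(base, token, aql, http=http_json, wait=1.0, max_polls=30):
    # Ariel searches are asynchronous: create, poll status, read results.
    query = urllib.parse.urlencode({"query_expression": aql})
    search = http("POST", f"{base}/api/ariel/searches?{query}", token)
    sid = search["search_id"]
    for attempt in range(max_polls):
        if attempt:
            time.sleep(wait)
            search = http("GET", f"{base}/api/ariel/searches/{sid}", token)
        if search["status"] == "COMPLETED":
            results = http("GET", f"{base}/api/ariel/searches/{sid}/results", token)
            return results["events"]
        if search["status"] in ("ERROR", "CANCELED"):
            raise RuntimeError(f"search {sid} ended as {search['status']}")
    raise TimeoutError(f"search {sid} not finished after {max_polls} polls")

def stream(base, token, draw, interval=60):
    # One query per minute, each covering the previous minute.
    # draw is a hypothetical callback that updates the visualization.
    while True:
        started = time.monotonic()
        draw(fetch_last_minute(base, token, build_aql()))
        time.sleep(max(0.0, interval - (time.monotonic() - started)))
```
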
