Welcome users! Here you have an opportunity to collaborate directly with the product development teams and other product users.

Note: To submit enhancement requests for Analytics products please visit Analytics Ideas Portal site.

To submit enhancement requests for OpenPages, Incentive Compensation Management and Financial Transaction Manager products please visit WFSS Ideas Portal site.

Filter the page content by brand and product


This is a table showing requests
Number of votes Request headline and description

23
votes

Add ability to edit already set filters

If a filter for a search is once set, it cannot be edited. I always have to remove it and add it again. This is really annoying especially if the filter includes multiple entries (e.g. multiple IP add...

Under Consideration

16
votes

QRadar user roles lack flexibility

When designing user roles, QRadar offers several selectable permissions which can be granted to a user role. Important core functionalities, such as access to DSM editor oder the ability to manage use...

Under Consideration

13
votes

Identify relationship between multiple event properties within a QRadar tes...

When adding multiple event properties to a test, it is unclear whether these properties are joined by AND or OR.

Under Consideration

11
votes

UI management of reference maps, tables & maps of sets

Today only Ref Sets can be managed through the UI. Reference maps, tables & maps of sets can only be managed via the CLI or some cases API. All of the reference data should be manageable through the U...

Declined

9
votes

QRadar Maintenance Mode

We would like to have the possibility to activate something like "Maintenance Mode" where it would restrict the logins on the console to the local admin account or to a specific profile.

Under Consideration

9
votes

Modifying a search without having to re-enter all values

Add the ability to modify a search or quick search without having to re-enter all values or parameters again.

Planned for Future Release

8
votes

Chained Offense should contain all contributing events

There are rules that use other rules or building blocks in order to start escalating activity. The out of the box "Chained Exploit Followed by Suspicious Events" is a good example, where we first fin...

Under Consideration

7
votes

DSM Request For Airwatch MDM Syslog traffic.

Was forwarded here from this IBM post. https://www.ibm.com/developerworks/community/forums/html/topic?id=2f19085b-5178-4a39-a993-d27824a4e49b We have Airwatch MDM on a Windows Server and have a conf...

Declined

6
votes

Reference Set iteration request TS002417486

We are trying to find an efficient way to collect log data needed for our investigations. We are trying to use the computer name as a reference set value and increase the counter through a python scri...

Declined

6
votes

MITRE Attack Referenz for QRadar Rules

Compliance Requirements at QRadar customers need to document the compatibilty to MITRE Attack Framework. Suggestion is to extend the Rule Description with a hint which MITRE Attack Technique or APT wi...

Planned for Future Release

5
votes

For any number of reasons the CRE will fail, and there is no indication tha...

The CRE failed silently for multiple reasons not explained in the notifications that exists already. Reasons like a defect in the code or a Custom Event Property blocking the pipeline. We need to be...

Planned for Future Release

5
votes

Generate Offences on Log Source Time

By default, QRadar uses the Start Time to process logs and generate Offences. I would like to change this to generate Offence based on the Log Source Time (the time in which logs were generated on the...

Uncommitted Candidate

5
votes

Creating Column Layout

We need the following features in Qradar: 1. We want to be able to make our "column layout" visible to all users. 2. We want to be able to make a global "column layout" and add it to Display.

Uncommitted Candidate

4
votes

DSM for MFA Microsoft MultiFactor Authentication

I need a DSM parser for MFA Azure Microsoft MultiFactor (On-Premise) version 8.0.1.1. This is a server that authenticate with Two-Factor method. Thanks.

Under Consideration

4
votes

Username Case Sensitivity

QRadar is unable to recognize a single username appearing in a different case format from other log sources as the same during event correlation.

Declined


Your ideas matter!

As of today:

33 new
235 planned
482 delivered


1108 users
3609 votes
3104 comments