Welcome users! Here you have an opportunity to collaborate directly with the product development teams and other product users.

Note: To submit enhancement requests for Analytics products please visit Analytics Ideas Portal site.

Existing enhancement requests for OpenPages, Incentive Compensation Management and Financial Transaction Manager products are moving to the Watson FSS Ideas Portal. Beginning March 25, 2019, visit WFSS Ideas Portal site to add a new enhancement request for these products. While we migrate to the new system, you can continue to review existing requests on this site, then you will be able to use the ID# for current enhancement requests to locate and subscribe to updates there.

Filter the page content by brand and product


This is a table showing requests
Number of votes Request headline and description

26
votes

Username Case Sensitivity

QRadar is unable to recognize a single username appearing in a different case format from other log sources as the same during event correlation.

Declined

18
votes

Expose the AQL query in Manage Search Results

Manage Search results - for searches run with filters set through the GUI, you can see the conditions of the search. For searches run via AQL, you only see the fields but never the query or the condit...

Under Consideration

17
votes

Modifying a search without having to re-enter all values

Add the ability to modify a search or quick search without having to re-enter all values or parameters again.

Planned for Future Release

13
votes

Generate Offences on Log Source Time

By default, QRadar uses the Start Time to process logs and generate Offences. I would like to change this to generate Offence based on the Log Source Time (the time in which logs were generated on the...

Uncommitted Candidate

10
votes

Add ability to edit already set filters

If a filter for a search is once set, it cannot be edited. I always have to remove it and add it again. This is really annoying especially if the filter includes multiple entries (e.g. multiple IP add...

Under Consideration

9
votes

Ability to pull WHOIS information from X-Force via the API into QRadar from...

Improve the integration between X-Force and QRadar by providing structural access to the WHOIS information from the AQL or even in a way that it can be used in rules. Additionally, including the ASN o...

Uncommitted Candidate

9
votes

Selective Deploy Change in Qradar

Provide a possibility to select some modifications of a Deploy Change and not deploy all modification in one go.

Planned for Future Release

8
votes

Time range in GUI also to allow seconds

Currently the time limit in the search options only allows to to filter on hours & minutes. This is an issue with high volume log sources like DNS or mail gateway logs. Being able to use SECONDS would...

Under Consideration

8
votes

MITRE Attack Referenz for QRadar Rules

Compliance Requirements at QRadar customers need to document the compatibilty to MITRE Attack Framework. Suggestion is to extend the Rule Description with a hint which MITRE Attack Technique or APT wi...

Planned for Future Release

8
votes

Improving QRadar multi tenancy configuration and visibility

Today QRadar's configuration for multi tenancy is spread across the whole configuration part of QRadar. There're multi tenancy configuration options with retention buckets, resource restriction, secur...

Under Consideration

7
votes

UI management of reference maps, tables & maps of sets

Today only Ref Sets can be managed through the UI. Reference maps, tables & maps of sets can only be managed via the CLI or some cases API. All of the reference data should be manageable through the U...

Declined

6
votes

Palo Alto TRAPS Cloud Service DSM

We have a customer that utilizes Palo Alto TRAPS on Cloud. They have a log export function that we have tested works with QRadar, however parsing needs to be added.

Under Consideration

6
votes

For any number of reasons the CRE will fail, and there is no indication tha...

The CRE failed silently for multiple reasons not explained in the notifications that exists already. Reasons like a defect in the code or a Custom Event Property blocking the pipeline. We need to be...

Planned for Future Release

6
votes

Change Disk Space Logic

When QRadar does disk space logic for notifications, or when to shut down services, it should be done with how much disk space is available ( For Example GBs), not by how much percentage is used/avail...

Planned for Future Release

6
votes

Creating Column Layout

We need the following features in Qradar: 1. We want to be able to make our "column layout" visible to all users. 2. We want to be able to make a global "column layout" and add it to Display.

Uncommitted Candidate


Your ideas matter!

As of today:

47 new
236 planned
463 delivered


1061 users
3306 votes
2886 comments