Restore Group Configuration details
The following table lists the restore configurations and the items that are included in each category.
Note: The content included in each configuration is not limited to the content that is
listed.
| Restore Configuration | Content included |
|---|---|
| Custom Rules Configuration |
|
| Deployment Configuration |
Note: If you select this option, it is recommended that you select all other configuration
options.
|
| Users Configuration |
|
| Report Templates |
Note: Report Templates does not include generated report content.
|
| System Settings |
|
| Assets |
Note: When Assets is selected, the Deployment Configuration group is
automatically selected.
|
| Offenses |
Important: When you restore to another system where only partial
options are restored and rules are restored but related offenses are not. For example, when you
restore deployment configuration without offenses.
If restoring to a new or rebuilt system and if you had rules that created offenses that were indexed on custom properties of the system that the backup was created on, restore the offenses so that the offense types (offense-indexed fields) are restored correctly. If this is not done, you need to edit any rules that create offenses indexed on custom properties and relink them to the correct property again. The following default normalized fields are not affected.
|
| Installed Applications Configuration |
|
Important: Data Synchronization App v3.2.2 or later, when used with QRadar® UP13 or later, supports
application restore functionality in a console-only setup. The items listed under the
Installed Applications Configuration group is restored when using Data
Synchronization App v3.2.2 or later with QRadar UP13 or later in a
console-only environment. This happens only if the app-restore toggle is
enabled during the Data Synchronization App setup.