What's new in QRadar Deployment Intelligence

Stay up to date with the new features that are available in each QRadar® Deployment Intelligence app release so that you get the most out of your QRadar health monitoring experience.

Version 3.0.10

Updated packages to address known vulnerabilities.

Version 3.0.9

Updated packages to address known vulnerabilities.

Version 3.0.8

Updated packages to address known vulnerabilities.

Fixed an issue that could cause the QRadar Deployment Intelligence app database to fail.

Version 3.0.7

Updated packages to address known vulnerabilities.

Updated the IBM issued application certificates.

Fixed an issue that could cause daily reports to not generate.

Version 3.0.6

Updated packages to address known vulnerabilities.

Version 3.0.5

Fixed a defect that blocked non-administration users from using QDI.

Version 3.0.4

Reduced the size of the stored and unknown events tables in the database.

Added the ability to multi-select for components, elements, and hosts on the Advanced Health Query page.

Improved QRadar Deployment Intelligence performance by decreasing CPU usage.

QRadar Deployment Intelligence eliminated sending unknown events to QRadar.

Improved the stability of QRadar Deployment Intelligence after container restarts.

Version 3.0.3

Fixed an issue where Supervisor, was not properly managing the Postgres service, which was causing a fatal state.

Fixed an issue with the Coalescing Ratio charts on Data Gateway appliances that prevented the data from displaying.

Version 3.0.2

You can now retain the QRadar Deployment Intelligence data for up to 7 days. Visualize up to 7 days worth of data on the graphs by changing the chart interval to 7 days.

Fixed an issue where long-running queries on the Advanced Health Querying page did not work.

Fixed issues with mapping on the Advanced Health Query page that caused data not to be returned and displayed.

Version 3.0.1

This release contains internal enablement for Red Hat Universal Base Images (UBI). For more information, see QRadar: Applications, CentOS 6, and Python 2 End of Support (https://www.ibm.com/support/pages/node/6356547).

Version 3.0.0

QRadar Deployment Intelligence now uses the IBM Carbon UI/UX Design, which includes a new dashboard view that is fully customizable. You can add, remove, resize, and change the layout of the charts on the dashboard. You can also change the theme from dark to light.

A Flow Sources - Network Traffic chart displays the top flow sources based on source and destination bytes per flow source. If the host is a flow processor or has the required components to receive flow traffic then the chart is available on that host's page.

Figure 1. Performance Charts: Memory Usage, CPU Usage, and Disk Usage
Image of the Memory Usage, CPU Usage, and Disk Usage charts.

When the app creates a report, it is saved in persistent storage on your QRadar deployment. If you remove the QRadar Deployment Intelligence app or the QRadar Deployment Intelligence docker container exits due to errors, or restarts, any reports that are created are not lost.

The database engine was changed from Sqlite3 to PostgreSQL to improve the performance and storage mechanism for collecting QRadar Deployment Intelligence data.

Overall performance was improved.

Version 2.2.4

  • Ariel Writer Thread Utilization added to the QRadar Processing Utilization widget
  • Last 24-hour estimated data size written to disk in QRadar Deployment Intelligence reports
  • QDI Memory Usage timeline added to the QRadar Deployment Intelligence Data Status screen
  • Health Metrics regex validation
  • Fixed an Out of Memory issue in large deployments
  • Significantly improved UI latency in large deployments
  • Changed calculation of QRadar Deployment Intelligence memory usage to not include page cache
  • Optimized search activity database cache usage
  • Better validation in line charts to not include data points from the future
  • Better accuracy of aggregation in line charts

Version 2.2.3

  • QRadar Deployment Intelligence Self-diagnostics - Detailed and granular status for QDI health with diagnostics steps
  • Added a widget to show sources of License Giveback Events
  • Aggregation of expensive QRadar artifacts (Custom Properties, Rules, Log Sources) by hosts and time window
  • Added a widget to show Top / Bottom N Log Source by EPS over time
  • Added a widget to show Top / Bottom N Rule by match count
  • Added a widget to show memory allocation of QRadar Applications (available only with QRadar V7.3.2+)
  • Added a widget to show Event Processing Rate
  • Other stability, performance enhancements and defect fixes:
    • Enhancement to optimize storage space of network data by rolling up inactive interfaces
    • Optimized database connection usage and Ariel queries
    • Optimized Ariel queries in reporting
    • Handle special characters in user names and user group in API and Search Activity widgets.
    • Handle multiple occurrences of HA host suffix
    • Fix incomplete data in Health Metrics Reports
    • Clean Null data exception error during polling outages
    • Added additional validation for QRadar Authorization token input

Version 2.2.1

  • UI enhancements to make the app accessible.
  • Added the Event Coalescing Ratio and Recently Discovered Log Sources widgets.
  • Enhanced the License and Event Rate widget to show System Events License Giveback.
  • Defect fixes to handle polling threads getting stuck.
  • Defect fixes to show bond and em interfaces in QRadar Deployment Intelligence Network Monitoring.
  • Defect fixes to handle corner cases in QRadar server states such as Restarting and Upgrading.
  • Defect fixes to show new graphs after a QRadar upgrade from V7.2.8.

Version 2.1.4

  • Significantly reduced memory consumption on deployments with large number of unparsed events.
  • Fixed a deadlock issue in the polling process.
  • Enhanced logging.

Version 2.1.3

  • Preserve UI chart configuration during upgrades.
  • Fixed a high number of failed API calls from QRadar Deployment Intelligence.
  • UI inconsistencies fixes and bug fixes.
  • Fixed Process Monitor and Component Status to properly show processes that have not changed status over 7 days.
  • Monitor interfaces starting with 'int' in QRadar Deployment Intelligence.

Version 2.1.2

  • Performance improvements in the metric polling process for better performance in large deployments.
  • Minor UI text fixes.

Version 2.1.1

  • Added QRadar process monitor.
  • Added QRadar V7.3.1 support
  • Added ability to group by user roles in multiple charts.
  • Bug fixes and performance optimizations.

Version 2.1.0

  • Deployment overview that shows a consolidated view of the deployment health across all the hosts.
  • Enhanced chart widgets to allow customization. A chart widget can be deleted and then added again. You can adjust the time window of the metrics in a chart, with a maximum of 24 hours.
  • Advanced tab in host-specific views that shows QRadar component-specific metrics.
  • Advanced Health Querying to query health metrics for historical investigation.