Configuring Am I Affected settings
Search your QRadar environment to see whether you are prone to threats identified in the X-Force Exchange collections, such as Petya or WannaCry.
- From the navigation menu on the Threat Intelligence dashboard, click the App Settings icon ().
- Click the Am I Affected tab, and then configure the following
settings for both the Log Event tab and the Network
Enable Log Event Scan or Enable Flow Event Scan
Specify which event scan you want to run.
Click the move down or the move up icon to change the order of running the scan.
Where the attack is originating or directed. Example: sourceip.
Where the attack is targeted. Example: destinationip.
The identifier for a specific malware. Example: file_hash.
Host name. Example: Hostname, url.
The time period that you want to search for.
- Click Save Configuration.