Use the IBM®
QRadar® Incident
Overview application extension to get more information on an offense.
Procedure
- Click the bubble on the Recent Incidents bubble
graph for the offense you want to investigate.
An
information pane is displayed:
- In the information pane, you can interact with a number
of elements.
- Click the link in Incident Type row
to view an X-Force IP report on the incident's Source IP.
- Click the location marker in the Incident Contributors map
to view an X-Force IP report on the incident Destination IP.
- Click Investigate to open the Offense
Summary page for the offense in a new tab.