Installing QRadar after the RHEL installation

Install IBM® QRadar® on your own device after you install RHEL.

Before you begin

A fresh software install erases all data in /store as part of the installation process. If you want to preserve the contents of /store when performing a software install (such as when performing a manual retain), back up the data you want to preserve apart from the host where the software is to be installed.


  1. Copy the QRadar ISO to the /root or /storetmp directory of the device.
  2. Create the /media/cdrom directory by typing the following command:
    mkdir /media/cdrom
  3. Mount the QRadar ISO by using the following command:
    mount -o loop <path_to_ISO>/<qradar.iso> /media/cdrom
  4. Run the QRadar setup by using the following command:
    Note: A new kernel might be installed as part of the installation, which requires a system restart. Repeat the commands in steps 3 and 4 after the system restart to continue the installation.
  5. Select the appliance type:
    • Software Install
    • High Availability Appliance
  6. Select the appliance assignment, and then select Next.
  7. If you selected an appliance for high-availability (HA), select whether the appliance is a console.
  8. For the type of setup, select Normal Setup (default) or HA Recovery Setup, and set up the time.
  9. If you selected HA Recovery Setup, enter the cluster virtual IP address.
  10. Select the Internet Protocol version.
  11. If you selected ipv6, select manual or auto for the Configuration type.
  12. Select the bonded interface setup, if required.
  13. Select the management interface.
  14. In the wizard, enter a fully qualified domain name in the Hostname field.
    • The hostname must not contain only numbers.
    • The console and managed host (MH) cannot share the have hostname.
  15. In the IP address field, enter a static IP address, or use the assigned IP address.
    Important: If you are configuring this host as a primary host for a high availability (HA) cluster, and you selected Yes for auto-configure, you must record the automatically-generated IP address. The generated IP address is entered during HA configuration.

    For more information, see IBM Security QRadar High Availability Guide.

  16. If you do not have an email server, enter localhost in the Email server name field.
  17. Leave the root password as it is.
  18. If you are installing a Console, enter an admin password that meets the following criteria:
    • Contains at least 5 characters
    • Contains no spaces
    • Can include the following special characters: @, #, ^, and *.
  19. Click Finish.
  20. Follow the instructions in the installation wizard to complete the installation.

    The installation process might take several minutes.

  21. If you are installing a Console, apply your license key.
    1. Log in to QRadar as the admin user:


    2. Click Login.
    3. On the navigation menu ( Navigation menu icon ), click Admin.
    4. In the navigation pane, click System Configuration.
    5. Click the System and License Management icon.
    6. From the Display list box, select Licenses, and upload your license key.
    7. Select the unallocated license and click Allocate System to License.
    8. From the list of systems, select a system, and click Allocate System to License.
  22. If you want to add managed hosts, see Managed hosts.