Search your QRadar environment to see whether you are prone to threats identified in the
X-Force Exchange collections, such as Petya or WannaCry.
- From the navigation menu on the Threat Intelligence dashboard, click the App
Settings icon ().
- Click the Am I Affected tab, and then configure the following
settings for both the Log Event tab and the Network
Event tab.
Option |
Description |
Enable Log Event Scan or Enable Flow Event Scan
|
Specify which event scan you want to run.
|
or
|
Click the move down or the move up icon to change
the order of running the scan.
|
Source IP
|
Where the attack is originating or directed. Example: sourceip.
|
Destination IP
|
Where the attack is targeted. Example: destinationip.
|
Malware
|
The identifier for a specific malware. Example: file_hash.
|
URL
|
Host name. Example: Hostname, url. |
Time Duration
|
The time period that you want to search for.
|
-
Click Save Configuration.