Log activity

In IBM QRadar, you can monitor and display network events in real time or perform advanced searches.

The Log Activity tab displays event information as records from a log source, such as a firewall or router device. Use the Log Activity tab to do the following tasks:

  • Investigate event data.
  • Investigate event logs that are sent to QRadar in real time.
  • Search events.
  • Monitor log activity by using configurable time-series charts.
  • Identify false positives to tune QRadar.

For more information, see Log activity investigation.