IBM Security QRadar Suite Alerts

The data source type for IBM® Security QRadar® Suite Alerts collects internal alerts for the QRadar product.

Internal alerts are generated from various platform sources to adhere to a singular payload format for optimized transfer between services.

These services are examples of the services that use the internal alert format:
  • Search-based Rule Executors (SARE)
  • Real-time Rule Executors (RARE)
  • User Behavior Analytics