IBM Security QRadar Community Edition provides many of the same capabilities as QRadar with a license for 50 events per second and 5,000 flows per minute.
Community Edition is a fully featured free version of IBM Security QRadar that requires low memory and low EPS. QRadar is a market-leading security information and event management (SIEM) solution.
When downloaded, QRadar Community Edition empowers users, students, security professionals and application developers to learn and experience the latest features of QRadar with no expiration or time limit.
Before you begin
Procedure
- Register and download the QRadar Community Edition OVA file (PDF, 55 KB).
- Create a virtual machine with the OVA file that meets the following requirements:
Minimum: 8 GB RAMNoteYou need 10 GB or more if you use IBM X-Force® tests or Ariel queries. Some applications require more RAM. Applications get 10% of available RAM, divided between all applications.- Minimum 250 GB disk space
- Minimum 2 CPU cores
NoteFor optimal performance, you need a minimum of 6 CPU cores if you use X-Force tests and a minimum of 8 CPU cores if you use Ariel queries with X-Force data.- You need at least one network adapter with access to the internet. Your system must have internet access for QRadar Community Edition installation.
NoteIf you use a locally hosted virtual machine with a local IP address, you must forward port 8444 to port 443 to access QRadar in a web browser. Forward port 2222 to port 22 to use SSH to connect to QRadar.- You need static public and private IP addresses for QRadar Community Edition.
- The hostname must be a fully qualified domain name with a maximum of 63 characters.
- Log in as the root user and enter your password.
- Start the setup process by typing the following command:
./setup - Press Enter to accept the CentOS end user license agreement (EULA).
- Accept the QRadar Community Edition EULA.
- Press Space to advance through the EULA screen.
- Press Q to be prompted to accept the EULA.
- Press Enter to accept the EULA.
- Press Y to continue setup.
- Enter a password for the administrative account. Set a strong password that meets the following criteria:
- Contains at least 5 characters
- Contains no spaces
- Can include the following special characters: @, #, ^ and *
- Apply the command documented in this flash notice.
- Restart the appliance by typing the following command:
reboot - Log in to the QRadar Community Edition user interface as the admin user and accept the EULA. Access QRadar Community Edition in a web browser at https://<ip_address>/console. If you use a locally hosted virtual machine with a local IP address, access QRadar Community Edition in a web browser on your host system at https://<ip_address>:8444/console.
Install QRadar Community Edition in a virtual machine. Community Edition is based on QRadar V7.3.3 or later.
What to do next
Explore by role
– Watch QRadar videos and see other training material in the IBM Security Learning Academy.
For more information:
Read about one user’s experience setting up QRadar Community Edition.
For help with installation issues, please watch this webinar.
Download the QRadar Community Edition Getting Started Guide (518 KB).