IBM Support

IJ18004: QRADAR NETWORK INSIGHTS TELNET INSPECTOR CAN INCORRECTLY CLASSIFY SOME LDAP FLOW TRAFFIC AS TELNET TRAFFIC

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • It has been identified that in some instances, the QRadar
    Network Insights Telnet Inspector can incorrectly classify LDAP
    flow traffic as Telnet traffic.
    When this occurs, false positives can sometimes occur within
    rule functionality.
    

Local fix

  • Contact Support for a possible workaround that might address
    this issue in some instances.
    

Problem summary

  • This issue was fixed in QRadar QRM QVM release of 7.4.1 FixPack
    1 and 7.3.3 FixPack 5.
    

Problem conclusion

  • This issue was fixed in QRadar QRM QVM release of 7.4.1 FixPack
    1 and 7.3.3 FixPack 5.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IJ18004

  • Reported component name

    QR INCIDENT FOR

  • Reported component ID

    5725QIFSW

  • Reported release

    732

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2019-07-30

  • Closed date

    2020-09-18

  • Last modified date

    2020-10-08

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    QR INCIDENT FOR

  • Fixed component ID

    5725QIFSW

Applicable component levels

[{"Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU029","label":"Software"},"Product":{"code":"SS6E69","label":"IBM QRadar Network Insights"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"732"}]

Document Information

Modified date:
09 October 2020