Troubleshooting
Problem
Packet capture files (pcap) do not display up in the Case Management view of the user interface after the files are successfully uploaded. This issue can occur when users attempt to add packet capture files through the QRadar Incident Forensics user interface or when you upload files with FTP.
Symptom
- Log in to the QRadar user interface.
- Click the Admin tab.
- Scroll down to Forensics > Case Management.
- Click Add Files.
- Click Start upload.
Results
The PCAP file is not displayed under Case Management when there are no valid documents to import. Users who view case collections in the user interface might see in Case Management > Cases > Collections > [0].
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSUK44","label":"IBM Security QRadar Incident Forensics"},"ARM Category":[{"code":"a8m0z000000cwsyAAA","label":"Admin Tasks"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
27 April 2023
UID
ibm11072616