IBM Support

QRadar: Configuring a MaxMind account for geographic data updates (APAR IJ21884)



GeoLite2 data is required to resolve geographic locations from IP addresses in QRadar. As of 30 December 2019, a MaxMind account must be configured by the administrator in QRadar System Settings. The default userid and license key values can no longer be used to receive geographic data updates.


Administrators who use the default userid and license value receive a '401 Unauthorized' error in QRadar when geographic data attempts to update. When this issue occurs, the utility displays the following error message:
Result: 401 Unauthorized at /opt/qradar/bin/ line 222, <$fh> line 37


The default geographic account included in QRadar requires a unique userid and license key to allow updates after 30 December 2019. Administrators must create a MaxMind account and update Admin > System Settings > Geographic Settings to continue to receive geographic location lookup data for IP addresses.


QRadar V7.3.1 and later.

Resolving The Problem

This procedure requires an Admin user to create a MaxMind account and update System Settings to ensure that geographic location data updates can complete successfully.
  1. Create a free MaxMind account:
  2. After your account is created, an email is provided by MaxMind.
    Maxmind Welcome Email
  3. Create a password for your account. 
  4. After you assign an account password, use the credentials you created to sign in.
  5. Click Manage License Keys.
    Manage License Keys
  6. Click Generate new license key.
    Maxmind Generate License Key
  7. Configure the following values:
    • In the License key description, type: QRadar License Key.
    • For QRadar 7.5.0 UP4 or newer versions, select Generate a license key and config file for geoipupdate versions 3.1.1 or newer.
    • For QRadar 7.5.0 UP3 or earlier versions, Maxmind no longer issuing license key for geoipupdate version 3.1.0 or older since 2023 March 27th.
      Open a case with QRadar Support to get your system upgraded to use license version 3.1.1. Include this documentation in the case.
      Key Generation
    • Click Confirm.
    • Record the Account and User ID and License Key information.
      Important: If you exit the license key screen without recording the information, you must generate a new license key from Step 4.
      Key generated
  8. Configure in QRadar
    • Log in to QRadar as an administrator.
    • Click the Admin tab.
    • Click the System Settings icon.
    • Navigate to Geographic Settings.
    • Update the User ID and License Key values from Step 5.
    • Click Save.
    • From the Admin tab, click Deploy Changes.
After the deploy changes completes, geographic data settings are updated for the QRadar deployment. Administrators can confirm their MaxMind geographic settings from the command line of the QRadar Console.

How to verify your geographic data license changes

Administrators can verify geographic data (geodata) updates from the QRadar command line interface. After you update your System Settings to use your MaxMind User ID and License, you can attempt to run an update, and verify whether any errors occur. To complete this procedure, you must have root access to QRadar.

  1. Use SSH to log in to your QRadar Console as the root user.
  2. To update geographic data, type: /opt/qradar/bin/

  • If successful, the administrator is returned to the command prompt with no errors displayed on screen.
  • If unsuccessful, a 401 Unauthorized error is displayed. If you experience an error, confirm the credentials in the QRadar System Settings from Step 10, then click Save and Deploy Changes. Repeat the verification procedure or generate a new license key from the MaxMind website. If you continue to experience problems or believe that the Deploy Changes does not complete successfully, open a case with QRadar Support.

Document Location


[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Component":"Administration and Configuration","Platform":[{"code":"PF016","label":"Linux"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
30 June 2023