IBM Support

QRadar: How to verify X-Force IP, URL, and Web application database versions are current

Question & Answer


How can a QRadar Administrator confirm the X-Force server database updates are current?


To verify whether the X-Force server is receiving the daily updates to the database, administrators with command line access to the QRadar Console can manually validate their database version against the IBM Security X-Force Database reference (

image 8521

When the QRadar Console receives updates from the IBM X-Force Exchange, reference sets are updated and the latest versions are logged in /var/log/dca/dca_info.log.


  1. Use SSH to log in to the QRadar Console as the root user.
  2. Navigate to the /var/log/dca directory.
  3. To validate an X-Force database versions, review the following commands:
    • To view the X-Force URL database version, type:
      grep "url_database, version" dca_info.log | tail -1
    • To view the X-Force IP reputation database version:
      grep "ipr_database, version" dca_info.log | tail -1
    • To view the X-Force Web Application database version:
      grep "wac_database, version" dca_info.log | tail -1
  4. Compare the date and version info from the command-line output to the X-Force master database list:
    45273   2021-02-24  19:47:00.979     N    UpdateModule    url_database, version = 6.00816962

    If the database version is old or out-of-date, administrators can review their proxy configurations to verify that the X-Force Threat Intelligence feeds are enabled and that firewalls are not rejecting connections to: or For more information, see: Enabling X-Force Threat Intelligence in QRadar.

[{"Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwsyAAA","label":"Admin Tasks"}],"ARM Case Number":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]

Document Information

Modified date:
24 February 2021