Question & Answer
Why is QRadar Packet Capture unavailable after a version update?
PCAP uses different ports in different versions.
IBM® Security QRadar® Packet Capture is a network traffic capture and search application.
For more information, see the QRadar Packet Capture usage overview on the IBM Knowledge Center.
QRadar 7.2.5 and under uses 443 port, while QRadar 7.2.6/7.2.7/7.2.8 uses port 41390. After a QRadar update Pcap becomes unreachable, you need to use: https://pcapIP:41390 instead of https://pcapIP.
Note: Also, SSH port is 4477 and not 22.
Where do you find more information?
Was this topic helpful?
28 October 2020