What is indicated by an event on an existing log in QRadar that has a Low Level Category of “Unknown”?
What is indicated by an event on an existing log in QRadar that has a Low Level Category of “Unknown”?
A . That event could not be parsed
B . That event arrived out of order from the original device
C . That event was from a device that is not supported by QRadar
D . That the event was parsed, but not mapped to an existing QRadar category
Answer: D
Explanation:
Reference:
https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.dsm.doc/c_DSM_guide_UniversalLEEF_eventmap.html#c_dsm_guide_universalleef_eventmap
Subscribe
Login
0 Comments
Inline Feedbacks
View all comments