Reset Search
 

 

Article

What is the SIEM findExpensiveCustomRules.sh script for?

« Go Back

Information

 
TitleWhat is the SIEM findExpensiveCustomRules.sh script for?
Question
What is the SIEM findExpensiveCustomRules.sh script for?
Environment
  • SIEM CLI
  • /opt/qradar/support directory
Answer
The findExpensiveCustomRules.sh script is run to find a rule, or rules, that could be using a significant portion of the server's resources.  Once the expensive rules are found they can be tuned.
  • cd /opt/qradar/support
  • ./findExpensiveCustomRules.sh
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255