Platin Bilişim has cooperations with the strongest and leader brands. Our target is not only make a difference on our rivals via our certificated and powerful engineer staff but also; providing IT security products and services for our customers from end to end.

QRadar Event Processor Collector

QRadar Event Collector is the module in which Logs are collected and the EPS (Event per Second) Licensing is counted and normalized.

QRadar Collector is the module that stores the logging of the logs and normalizes the logs.

Qradar Event Processor, Collector device consists of Event Processor and Event Collector components. Event Collector and Event Processor functions are as follows.

Event Collector;

It collects the raw data of the field. Makes unprocessed data meaningful and sends it to the Event Processor.

Event Processor;

  • It uses meaningful data collected from one or more Event Collector components.
  • Runs the rule / correlation mechanism using the Special Rule Infrastructure (CRE).
  • Each Event Processor has a local storage area and event data is stored in the Processor.
  • The processing rate for events is determined by your EPS (EventPerSecond) license.
  • The Event Processor device can be installed physically or virtually.
  • High Availability (HA) is a device.

Custom Rule Engine (CRE): It is responsible for processing events received by Qradar, comparing them according to defined rules and creating offense. Applies the rule correlation created in the user interface.

Host Profile: Also called passive profile or passive scan.

Streaming: It is responsible for sending Event Data to Console in real-time.

Event Storage (Ariel): Incoming events are transferred instantly to data files and directories.