What is indicated by an event on an existing log in QRadar that has a Low Level Category of “Unknown”?
What is indicated by an event on an existing log in QRadar that has a Low Level Category of “Unknown”?
A . That event could not be parsed
B . That event arrived out of order from the original device
C . That event was from a device that is not supported by QRadar
D . That the event was parsed, but not mapped to an existing QRadar category
Answer: D
Explanation:
Reference:
https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.dsm.doc/c_DSM_guide_UniversalLEEF_eventmap.html#c_dsm_guide_universalleef_eventmap
                             Subscribe
                            
                        
                                            
                             Login                        
                    
                        0 Comments                    
                                        
                     Inline Feedbacks                    
                    View all comments
                 
	