Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Deployment and Application Tuning Overview

Tuning your JSA environment involves processes in which one or more parameters of an appliance, deployment, or running system are adjusted to run more efficiently.

After you install JSA and it is running, you can tune your JSA system in the following two phases:

Deployment phase

During this phase, you configure essential network, scanner, log source, and asset configurations. This phase is done at the start of your lifecycle management for JSA systems.

Application phase

During this phase, you discover servers, investigate offenses, optimize custom rules, edit building blocks, tune false positives, and improve search performance in JSA.

QRadar Use Case Manager app

You can also use the QRadar Use Case Manager to tune JSA. Use the guided tips in QRadar Use Case Manager (formerly JSA Tuning app) to help you ensure that JSA is optimally configured to accurately detect threats throughout the attack chain. For more information, see Use Case Manager.

Download the QRadar Use case manager from the IBM Security App Exchange.

Tuning videos

Watch the following videos on how to tune JSA: