We invite you to shape the future of IBM, including the product roadmap, by submitting enhancement ideas that matter to you the most.
Here's how it works:
Post your ideas
Start by posting ideas and requests to enhance a product or service. Take a look at ideas others have posted and vote for them if they matter to you,
Post an idea
Vote for ideas that matter most to you
Get feedback from the IBM team to refine your idea
Help IBM prioritize your ideas and requests
The IBM team may need your help to refine the ideas so they may ask for more information or feedback. The offering manager team will then decide if they can begin working on your idea. If they can start during the next development cycle, they will put the idea on the priority list. Each team at IBM works on a different schedule, where some ideas can be implemented right away, others may be placed on a different schedule.
Receive notification on the decision
Some ideas can be implemented at IBM, while others may not fit within the development plans for the product. In either case, the team will let you know as soon as possible. In some cases, we may be able to find alternatives for ideas which cannot be implemented in a reasonable time.
Post an Idea
To post a new idea - click on the "Add a new idea" button and where asked select the appropriate category this idea relates to. Provide requested information to allow us to get a better understanding of your request.
All ideas submitted via this portal are visible to all other portal users, though personal information fields remain hidden. If you would rather have your idea visible to only you and IBM then use the IBM Security Private Ideas Portal instead.
Please note: The purpose of the Ideas Portal is to tap the creativity of the IBM Security community so that we can enhance our products for everyone! If you need to report a defect or get help, please use our normal support channel. Click here to open a support ticket.
Want to see all of your IBM ideas in one place? Find them at ideas.ibm.com
Include log source parsing order config in log source manager application
Delegate admins with log source management rights and rights to the log source manager application are unable to modify log source parsing order via the log source management app. This functionality was available in the old interface which has now...
Provide a proper (and reliable) HttpClient implementation for custom AQL function utilities
Your developers already are aware of the shortcomings of the current HTTP client implementation as documented here:
With the current implementation it is imposs...
QRadar Community Edition (CE) version 7.5.0 or later
Several users have created support forum requests for an update to QRadar Community Edition (CE) to bring the release up to a newer QRadar version. I discussed this issue with Product Management (PM) and the goal of this Idea is for users to vote ...
Transformation (upper/lowercase) for regex based Custom Event Properties and built-in properties
Currently a regex property or the built-in properties only extract what is exactly contained in the payload. If a username is lowercase the property will be lowercase, if it is uppercase the resulting property will also be uppercase. This leads to...
Our customers are looking for a flexible way to extend the disk space by adding more virtual disks and extend them with LVM to the /store mount to have more disk space for events and flows at installation and for future growth. At the moment it is...
Remove the limit of 10.000 for subqueries or at least make the limit configurable
Currently there is a subquery limit of 10.000 lines in the product which makes it nearly unusuable for several threat hunting / detection scenarios. Therefore we would like to see the limit for subqueries completely removed from the product or at ...
There is currently no DSM for Olfeo Web Proxy in QRadar. We have around 5 clients using Olfeo (and prospects are refusing our offers because QRadar does not support Olfeo) and would need it to be supported.
Can you please create the DSM to parse ...
Carbon Black Cloud Endpoint Protection DSM / Collection protocol for multi tenancy
We need to integrate Carbon Black Cloud Endpoint protection alerts and events from multi tenancy to our SIEM Qradar. We know that as of today : A Qradar application exists, created by Carbon Black and fully integrated (collection protocol, DSM for...
Support webhooks (Juniper MIST can only send logs via webhooks)
THere are some applications that can only send logs via webhooks. Juniper MIST is one of them. Please support webhooks so logs from Juniper MIST can be forwarded to QRadar SIEM. There is also a similar idea: QDSM-I-1721 with other application.
ForcePoint Cloud Proxy / Web Security Gateway DSM Support
Forcepoint Cloud Proxy doesn't support log forwarding mechanism to any SIEM solution. It would be very helpful and unique to get this support / DSM for QRadar as it will create a value. Since, proxies are an important security devices which every ...