QRadar CE – CentOS installation



THERE IS A NEWER VERSION OF THIS VIDEO, Use this one instead https://youtu.be/V7l0jWanKiw

Note: I was just told by a user that for installing QRadar CE on CENTOS you can ONLY do that using the minimal version and not the Everything ISO.

CentOS Minimal ISO: https://www.centos.org/download/

QRadar CE: https://developer.ibm.com/qradar/ce/

Learning Academy: https://www.securitylearningacademy.com/

QRadar CE Installation: https://youtu.be/2ButNPY4nLQ

PDF with additional videos:
https://ibm.ent.box.com/s/ich0yyiw54y0ek6s9a66xvtjku8e42rc

24 thoughts on “QRadar CE – CentOS installation

  1. dear Jose,
    How i can to install Qradar CE alongside of my CentOS 7.x !?
    I don't want to install in on VMWare or VirtualBox and etc…. !
    Because my system resources is weak and i have many lags when i'm working with latest Qradar.
    My idea is to use it as an linux application like Apache, Nginx, etc… within my CentOS and not through virtualization. is it possible !??
    tnx a lot :X

  2. Short answer is no, you will need to hack the os to fool the installer, but most important is that there are newer versions of the CE videos for version 7.3.1

  3. Dear Jose,

    while installation i am getting below error, could you please assist.

    OK: Free space checks passed.
    ERROR: Community Edition requires CentOS Linux or Red Hat Enterprise Linux release 7.5. Found CentOS Linux release 7.6.1810 (Core)
    OK: Community Edition RAM check passed.
    Installing new kernel RPM
    Loaded plugins: fastestmirror
    Loading mirror speeds from cached hostfile
    * base: repo.boun.edu.tr
    * extras: repo.boun.edu.tr
    * updates: repo.boun.edu.tr
    Package kernel-3.10.0-957.1.3.el7.x86_64 already installed and latest version

    ** ERROR: Community Edition requires CentOS Linux or Red Hat Enterprise Linux release 7.5. Found CentOS Linux release 7.6.1810 (Core)
    Press enter to close screen

  4. Hi Jose,

    I get that you can't set up QRadar with a dynamic address, and I think I remember right that it won't accept a 192.168.* address. If I set my home router up to use Quad9 for DNS, the resolv.conf points to 9.9.9.9: is that also the gateway address?

  5. Hello Rob Kirkland, while I published the video in Nov 2017, The "IMPORTANT NOTE:" I added a few weeks back. I am pretty sure some developers read these comments and are aware and I hope will be delivering a new version where those problem should be corrected.

  6. Jose, according to your comments published November 6, 2017, the process demo'd in this video is broken and you will create a new demo video after "the 7.3.2 Version" arrives. Nine months later I see at https://developer.ibm.com/qradar/ce/ that version 7.3.1 is "coming soon".
    Question: Did you mean 7.3.1 when you wrote 7.3.2?
    Question: Meanwhile, do you know of a definitive, step-by-step description of the QRadar CE installation process that will result in a working installation?
    I have spent 10s of hours watching and following the steps in your video, reading and applying the workarounds/fixes described in this and other forums, and at every step along the way encountering yet more problems blocking my path to a working installation of this product. I am very disappointed and discouraged. QRadar CE seems to be your baby, so I'm looking to you to lead the community out of this wilderness, hopefully some time before version 7.3.2, not even announced yet, becomes available. Thank you.

  7. Can anyone help me with the below error
    one of the configured repositories failed (centos-7 – Gluster 3.8)
    Yum operation "Installing QRADAR RPMs Failed
    after downloading some packages and i am connected directly to internet

  8. It did not work for me. In my case, I did install the cent os 7.1 successfully but it started showing them the error during the qradar post installation setup–
    ERROR: Yum operation 'upgrading installed RPM's failed!
    [setup]: OnExitTasks()
    Have tried doing it several times by now..

  9. Thank you for the step by step guide! I am installing QRadar on a VM in virtualbox. I use two adapters NAT (to connect to the internet) and host-only (for host-guest communication). Which of these IPs should I put in the network configuration step?

  10. After all the steps provided I couldn't connect to the internet (via ping), not sure if I missed something but I did it step by step. Anyone with the same issue who knows how to troubleshoot?

  11. This was fantastic thank you – point of interest, I spun up a CentOS GNOME instance on the side which configures the networking automatically then used that information to find the various details required for the files in this video, in relation to my own machine. Great video, thank you.

  12. I did everything step by step. But I cannot ping the external world (I get a "could not resolve host" message; I'm on VMWare Fusion and Mac OS). I'm stuck as I don't know what else I need to try (not much of a vi or a CentOS user myself).

  13. I have tried this and I can ping everywhere from centOS but I can't ping the centos from the host "request timed out", thus I can't transfer the QRader ISO

  14. Michael Hunt: I noticed when doing different installs of the product is that if you install CentOS on an ESXi host, the default nic will be ens160 instead of ens33.

Leave a Reply

Your email address will not be published.