Advanced Lab Setup
Introduction
The QRadar SIEM labs that come after this lab require demo scripts and sample data files that are not included in the virtual QRadar environment used for the previous lab. We need to download a zip file directly to the QRadar server and unpack it.
If you are using the WireGuard VPN configured in 101: QRadar Demo Setup to access the demo environment, you can perform the following activities from your workstation. If you have not configured VPN access, you can perform the activities from the jump server.
Download the Zip File
- Log into the QRadar server:
ssh root@172.16.60.10
The password is: "Q1d3m0".
- Create a directory for the extended lab data file:
cd /labfiles
mkdir extended
cd extended
- Download the zip file from IBM Cloud Object Storage:
curl https://s3.us-south.cloud-object-storage.appdomain.cloud/jeffa-qradar-siem-labfiles/labfiles.zip -o labfiles.zip
The above command is longer than the text widget, so make sure to use the copy icon to copy the full text.
- Uncompress the file:
unzip labfiles.zip
- This is a big file, so let's remove the zip file to free up some storage space:
rm labfiles.zip
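The download and unpack steps above run as root, so it is worth failing early on a bad download and checking the archive's member paths before extracting. The script below is an added example, not part of the original lab; the URL and directory come from the steps above, while the function names `check_zip_entries` and `fetch_labfiles` are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: hardened variant of the download/unpack steps above.
# URL and /labfiles/extended are from the lab; function names are hypothetical.

LAB_URL="https://s3.us-south.cloud-object-storage.appdomain.cloud/jeffa-qradar-siem-labfiles/labfiles.zip"
LAB_DIR="/labfiles/extended"

# Read archive member names on stdin (one per line). Report each unsafe name
# on stderr and return 1 if any is absolute or contains a ".." path component.
check_zip_entries() {
    local name bad=0
    while IFS= read -r name; do
        case "$name" in
            /*|..|../*|*/..|*/../*)
                printf 'unsafe entry: %s\n' "$name" >&2
                bad=1 ;;
        esac
    done
    return "$bad"
}

# Download, validate and extract the lab archive, then remove the zip.
fetch_labfiles() {
    mkdir -p "$LAB_DIR" && cd "$LAB_DIR" || return 1
    # --fail: an HTTP error page is not saved as labfiles.zip
    curl --fail --silent --show-error "$LAB_URL" -o labfiles.zip || return 1
    # -t verifies every member's CRC without writing anything to disk
    unzip -tq labfiles.zip || return 1
    # -Z1 lists member names only (zipinfo mode)
    unzip -Z1 labfiles.zip | check_zip_entries || return 1
    unzip labfiles.zip && rm labfiles.zip
}
```

Source the file on the QRadar server and run `fetch_labfiles`; the zip is left in place for inspection if any check fails.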
Summary
That's it - the script and data files we'll need for the extended labs are now on the QRadar server.
Let's go have some fun...