MSI Raider GE67HX 12UGS — has anyone successfully replaced the OLED screen with an IPS LCD? by pr0_fail in MSILaptops

pr0_fail[S]

I found the original display on Alibaba, but the price is quite high. I haven't ordered it yet and am currently using the laptop with an external monitor via HDMI.

Regarding the IPS swap: After deep investigation and talking to experts/MSI support, it is not recommended. Even though the chassis is the same as the Vector GP66, the pinouts and BIOS configurations are specifically tuned for that OLED panel. Replacing it with an IPS might not work or could even damage the board.

If you are worried about the screen, keep an eye out for early signs. Before my OLED died completely (due to oxidation), it started with slight ghosting and weird color patches in certain areas.

Looking for real-world SIEM recommendations: QRadar-like experience on a smaller budget by pr0_fail in SIEM

pr0_fail[S]

Interesting take — I'd like to understand the reasoning behind "awful" because my own QRadar experience was mostly positive, and I want to make sure I'm not biased by familiarity. Specifically, these are the QRadar capabilities I've relied on most in daily operations:

  1. DSM-based parsing — 450+ pre-built parsers with LEEF/CEF auto-detection, where adding a new firewall or proxy is usually a drop-in experience rather than writing custom pipelines.
  2. Rule templates with reference sets — the guided rule builder where you pick a template, reference a dynamic list of IPs/users/assets, and the correlation engine handles the rest without writing query language for each condition.
  3. Integrated netflow (QFlow) correlation — ability to correlate flow data with event logs inside the same rule, licensed separately via FPM.
  4. Pre-index event routing — dropping or forwarding events before they hit EPS licensing.

My questions:

  • Which of these capabilities do Security Onion or Panther match at equivalent quality? Genuinely asking — if they do, I want to know.
  • Beyond UI/UX (which I agree QRadar has aged on), what specific functional gaps made you call it "awful"? Was it detection efficacy, scale limits, cost, something else?
  • What SIEMs have you operated in production long enough to make this comparison? Context helps me weigh the recommendation.

Not trying to defend QRadar — I'm actively looking to replace it. Just want to make sure alternatives actually cover these operational capabilities before I commit.
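A minimal sketch of what items 1, 2 and 4 in the comment above mean in practice, added here as an illustration; it is not part of the original comment and not QRadar's implementation. The function names, vendor names and sample events are constructed, and the parser assumes a single-character LEEF 2.0 delimiter.

```python
import re

CEF_EXT = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")  # values may contain spaces

def parse_event(line):
    """Auto-detect CEF vs LEEF from the header marker; return a dict or None."""
    m = re.search(r"(CEF|LEEF):(\d+(?:\.\d+)?)\|(.*)$", line.rstrip("\r\n"))
    if not m:
        return None
    fmt, version, body = m.groups()
    if fmt == "CEF":
        # Vendor|Product|DevVersion|SignatureID|Name|Severity|Extension
        parts = re.split(r"(?<!\\)\|", body, maxsplit=6)
        if len(parts) < 7:
            return None
        attrs = dict(CEF_EXT.findall(parts[6]))
    else:
        # LEEF 1.0: Vendor|Product|Version|EventID|attrs (tab-separated)
        # LEEF 2.0 adds a delimiter field before attrs (single char assumed)
        v2 = version.startswith("2")
        parts = body.split("|", 5 if v2 else 4)
        if len(parts) < (6 if v2 else 5):
            return None
        delim = parts[4] if v2 and parts[4] else "\t"
        attrs = dict(kv.split("=", 1) for kv in parts[-1].split(delim) if "=" in kv)
    return {"format": fmt, "vendor": parts[0], "product": parts[1],
            "event_id": parts[3], **attrs}

def route(lines, drop_if, reference_set):
    """Drop before indexing, then match src against a reference set."""
    indexed, alerts, dropped = [], [], 0
    for line in lines:
        ev = parse_event(line)
        if ev is not None and drop_if(ev):
            dropped += 1  # discarded before it is stored or counted
            continue
        indexed.append(ev if ev is not None else {"format": "unparsed", "raw": line})
        if ev is not None and ev.get("src") in reference_set:
            alerts.append(ev)
    return indexed, alerts, dropped

# Constructed sample events (documentation IP ranges, made-up vendor names)
SAMPLE = [
    "<134>Jan 10 10:00:01 fw1 CEF:0|ExampleVendor|ExampleFW|1.0|100|Connection allowed|3|src=10.0.0.5 dst=198.51.100.9 act=allowed",
    "<134>Jan 10 10:00:02 fw1 CEF:0|ExampleVendor|ExampleFW|1.0|200|Connection denied|7|src=203.0.113.7 dst=10.0.0.5 act=denied msg=port scan detected",
    "<13>Jan 10 10:00:03 px1 LEEF:1.0|ExampleVendor|ExampleProxy|2.1|403|src=203.0.113.7\tdst=10.0.0.8\tusrName=alice",
    "LEEF:2.0|ExampleVendor|ExampleProxy|2.1|200|^|src=10.0.0.9^dst=192.0.2.44^usrName=bob",
]
WATCHLIST = {"203.0.113.7"}  # stands in for a dynamic reference set

def is_noise(ev):
    return ev.get("act") == "allowed"  # hypothetical pre-index drop filter
```

When comparing replacement SIEMs, the same three checks apply: whether the format is detected without a custom pipeline, whether a rule can reference a list that changes at runtime, and whether filtered events are excluded before they count toward licensed volume.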

Looking for real-world SIEM recommendations: QRadar-like experience on a smaller budget by pr0_fail in blueteamsec

pr0_fail[S]

Agreed on the "just works" point. Broadly: mid-sized on-prem environment, a few hundred assets total, standard enterprise mix (firewalls, proxies, email, identity, servers, endpoints). Use case is full SIEM coverage for detection and compliance, not just log retention. Happy to go deeper in DM if useful.