This category contains integration scenarios that use IBM Incident Response products.
System Integrations Courses:
Experts from the IBM Resilient and QRadar Support teams show the SOC analyst how to safely and effectively troubleshoot their Resilient integration with QRadar when issues arise. This video is a recording of a live Open Mic web seminar originally broadcast
- How to enable debug and retrieve logs
- Checking connectivity
- How to read the logs
- Using the IBM QRadar API
- Common errors
- Opening a case, what next?
- Questions for the panel
This video is a recording of the Resilient and QRadar Integration Open Mic web seminar originally broadcast on 17-November-2020.
- Part 1: IBM Resilient (SOAR) QRadar Integration App
- Configuration (JINJA template)
- AQL Attachment
- Syncing notes and offenses status
- Part 2: QRadar Functions for Resilient
- Installation of the Functions (AppHost)
- Examples and demonstration of functions, workflows, rules, and actions that extract the data from QRadar
- QRadar AQL Search
- Questions & Answers