IBM QRadar SOAR

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Arcsight Integration with IBM Resilient--API

    Posted Tue February 02, 2021 02:49 PM

    Hi All,

    Greetings of the day.
    I am happy to inform you that we did it finally. Please do let me know if you need any help.

    --
    Thanks,
    Ravi Sharma
    +91-8005941530 | ravi.sharma26888@gmail.com



    ------------------------------
    ravi sharma
    ------------------------------


  • 2.  RE: Arcsight Integration with IBM Resilient--API

    Posted Tue March 09, 2021 07:23 AM
    Hi Ravi,

    That is great. Feel free to open a Submission on the App Exchange to share the App with others in the Community: https://exchange.xforce.ibmcloud.com/hub/

    ------------------------------
    Shane Curtin
    Integrations Engineer - IBM Resilient
    ------------------------------

    Original Message


  • 3.  RE: Arcsight Integration with IBM Resilient--API

    Posted Tue March 09, 2021 11:33 AM
    Hi, Ravi - Congratulations on creating this integration - I hope it is popular and useful.

    We use the basic, built-in Resilient URL integration for creating Resilient Incidents from events of interest in ArcSight and a simple variant of Common Event Format (CEF) Syslog to signal back from Resilient to ArcSight on key events such as Incident closure.  However I would be very interested to review the functionality of your integration to determine if it has advantages in our context.  Do you have an overview that I might read?

    Thank you and best regards - Edwin Bolton

    ------------------------------
    Edwin Bolton
    ------------------------------

    Original Message