IBM QRadar SOAR

IBM QRadar SOAR

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Creating Incident from Data Table value change

  • 1.  Creating Incident from Data Table value change

    Posted Mon July 11, 2022 02:34 AM
    Hi,

    I am looking for a script/function to create incident from a value change in a Data Table.

    Can anyone advise something here.

    ------------------------------
    Neeraj Kurmanchali
    ------------------------------


  • 2.  RE: Creating Incident from Data Table value change

    Posted Tue July 12, 2022 08:20 AM
    Hi
     
    I'd try something like this.
     
    customization settings -> rules -> new automatic rule
     
    object type: data table
     
    conditions: row is modified
     
    workflows: specify a workflow that creates a new incident (e.g. use fn utilities to make a rest call to your own resilient REST API)


    ------------------------------
    []

    Leonardo Kenji Shikida
    ------------------------------

    Original Message


  • 3.  RE: Creating Incident from Data Table value change

    Posted Wed July 13, 2022 07:52 AM
    Thanks .

    Will try to achieve with this approach.

    ------------------------------
    Neeraj Kurmanchali
    ------------------------------

    Original Message


Related Content