IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  How to get Office 365 events in to Qradar.

    Posted Mon February 01, 2021 10:47 AM
    Hi All,

    We have a requirement where we need to integrate Office 365 with IBM Qradar. Basically we need below alert in Qradar,

    Could you all help in this, How can we accomplish this. 



    Regards
    Asif Siddiqui

    ------------------------------
    Asif Siddiqui Senior Security Analyst
    ------------------------------


  • 2.  RE: How to get Office 365 events in to Qradar.

    Posted Fri February 19, 2021 12:12 PM
    Asif,
    pls check https://community.ibm.com/community/user/security/blogs/wendy-willner/2021/02/04/qradarmicrosoft-office-365-integration-update
    BR
    Karl

    ------------------------------
    [Karl] [Jaeger] [Business Partner]
    [QRadar Specialist]
    [pro4bizz]
    [Karlsruhe] [Germany]
    [4972190981722]
    ------------------------------

    Original Message


  • 3.  RE: How to get Office 365 events in to Qradar.

    Posted Mon February 22, 2021 08:12 AM
    Hi Asif,

    consider, that you may need the O365 E5 Subscription to be able to integerate. With E5 you should be able to configure in the Azure Active Directory Admin Center the prerequisits and necessary account details. You'll need those informations to configure the requested parameters in the qradar logsource described for the log source in the qradar dsm guide.

    Regards,
    Ralph

    ------------------------------
    Ralph Belfiore
    IT Security Senior Consulting
    pro4bizz GmbH
    Karlsruhe
    +49 721 90981720
    ------------------------------

    Original Message


Related Content