Albert, thanks for your enquiry. The simple answer is - yes you can! Most of your questions can be answered by the API documentation which is a live test environment inside the Qradar GUI. All GUI functions you are referring to are documented in the documentation. However there are a few challenges you have to workaround in your own program. The parameters are well documented there. The endpoint is whatever you want to use. The easiest way is to use curl for a basic test environment. You have to save your offense search 1st in order to get the results in the API. Please check the screens supplied for details.
------------------------------
[Karl] [Jaeger] [#ibmchampion]
[QRadar Specialist]
------------------------------
Original Message:
Sent: Mon August 04, 2025 11:09 PM
From: Albert Lius
Subject: QRadar API - Get the Event Details data from the offenses using API
Hello everyone, i have an question for using IBM QRadar API to get the detail event data from the Offense using API. The attachment is the step to get into the data i want to get using API, first of all we have to click one of the offense then click the event/flow count after that the pop up will show, then we edit search to add the Action-1 (custom) to the column and then search. Can i get the details data inside there using API? Whats the endpoint and the parameter to access inside there? Thank you
------------------------------
Albert Lius
------------------------------