This is the purpose of Custom Action Scripts in QRadar. Custom actions can run as a rule response in QRadar and take values from the event payload to run within the script parameters you create. Custom actions run within a jail shell, meaning that they cannot interact with QRadar directly, but can make API calls and do outside functions for non-QRadar systems, like opening tickets, passing data, pretty much anything. Basically, the jail shell can only modify or alter files on QRadar within the shell itself, but actions outside of QRadar are possible for whatever function you need to complete.
For review: https://www.ibm.com/docs/en/qsip/7.5?topic=actions-passing-parameters-custom-action-script
------------------------------
Jonathan Pechta
QRadar Support Content Lead
Support forums: ibm.biz/qradarforums
jonathan.pechta1@ibm.com------------------------------