IBM QRadar

IBM QRadar

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

View Only

Back to discussions

Expand all | Collapse all

ServiceNow Integration - how to fetch events automatically

1. ServiceNow Integration - how to fetch events automatically

Like
Michele Menciassi
Posted Mon May 12, 2025 01:28 PM

Reply
Hi All,

for a client we are developing an integration to in ingest new QRadar offences to Security Incident Response (SIR) on ServiceNow.
The integration works fine using the plugin "IBM QRadar Offense Ingestion for Security Operations" but we need to fetch also events data too, so for this reason we installed and configured the plugin "IBM QRadar Integration for Security Operations" for the enrichment of SIR.

It seems is possible fetching offence events manually by an action present on the SIR, but I didn't found a way to automatically enrich the SIR with event data.

There is a way to enable the enrichment and perform it automatically?

------------------------------
Michele Menciassi
------------------------------

IBM QRadar

ServiceNow Integration - how to fetch events automatically

1. ServiceNow Integration - how to fetch events automatically

Additional
Resources

Office

Quick Links

IBM QRadar

ServiceNow Integration - how to fetch events automatically

1. ServiceNow Integration - how to fetch events automatically

Related Content

IBM Security QRadar Premier Apps: IBM QRadar Integration with 3rd party Configuration Management Databases

Data/Offense Enrichment with CMDB

Tracing the Offence magnitude change

Spotlight: IBM Security ReaQta EDR + QRadar SIEM integration

SAP BTP integration with IBM Security QRadar Suite unlocks greater security

Additional Resources

Office

Quick Links

Additional
Resources