IBM QRadar SOAR

IBM QRadar SOAR

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Unable to Extract IOC's from .CSV file present in attachement of an Incident

  • 1.  Unable to Extract IOC's from .CSV file present in attachement of an Incident

    Posted Wed March 01, 2023 08:35 AM

    Hello Team,

    I have an incident with .CSV file as an attachment. I tried "Parse IOC's" but it does not extract the IOC's from the CSV.

    I need to extract IOC's and add them as an artifact of an incident.



    ------------------------------
    Swapnil Rupnawar
    ------------------------------



  • 2.  RE: Unable to Extract IOC's from .CSV file present in attachement of an Incident

    Posted Thu March 02, 2023 12:34 AM

    Hi Swapnil,

    Try this App. https://exchange.xforce.ibmcloud.com/hub/extension/9946cd989d74ab08cb03bb64c00b2ecb



    ------------------------------
    Ragavendran Lakshminarasimhan
    ------------------------------

    Original Message


  • 3.  RE: Unable to Extract IOC's from .CSV file present in attachement of an Incident

    Posted Thu March 02, 2023 02:37 AM

    Hi Ragavendran,

    Thanks for the details .This is useful, this help me out.



    ------------------------------
    Swapnil Rupnawar
    ------------------------------

    Original Message


Related Content