QRadar XDR

  • 1.  Universal cloud rest api

    Posted Tue September 21, 2021 10:31 AM
    good afternoon everyone,

    i am new to qradar. I am using qradar on cloud. I try to use the universal cloud rest api but I have not found it. is this module supported by the qradar cloud or not?
    thank you in advance.

    naeel mostafa

  • 2.  RE: Universal cloud rest api

    Posted Mon November 01, 2021 10:23 AM
    I am not sure it the question relates to QRadar on Cloud instances or collecting data from IBM Cloud as the events source...
    Nevertheless, there are a number of sources already supported for event collection using REST API; you can check the actual DSM guide (here is a short link I created a while ago).
    You would probably use the Universal Cloud REST API protocol in case you have something that is not supported out of the box. For the sample workflows available on github, IBM (understandably) cannot offer support - but I am sure they can be quite helpful. Probably you've already found the short intro on youtube by Jose Bravo.

    Dusan VIDOVIC