IBM Security QRadar

Hi All,

We have successfully integrated the Qualys app with Qradar and also receiving logs. but on the dashboard.
Under summary, it  does  not display top trends for "Top 10 vulnerability"  and "Top 10 hosts not scanned in last 30 days"

We just have a message "Could not create ariel search"

As per my understanding, this is related to Ariel database in Qradar and if I understood correctly we might need to create a search.
But what would be the search parameters?
And how to get that searched data on the dashboard here in Qualys app.

This is my understanding of the issue? Need your inputs.

Regards
Asif Siddiqui

------------------------------
Asif Siddiqui
------------------------------

Asif
Can you give any tips on how you are successfully configured the app. What are your cron settings?
What IP address did you use for log source identifier? I have an app host .I have tried the IP of the app ID from the app host and the IP consoles docker IP.  I have followed instructions  1.01 from qualys pdf.
What did you use for server url. I just entered qualysapi.qualys.com.

------------------------------
Bruce Hutchinson
------------------------------

Original Message:
Sent: Mon July 29, 2019 05:37 AM
From: Asif Siddiqui
Subject: Qualys app for Qradar dosent display top trends

Hi All,

We have successfully integrated the Qualys app with Qradar and also receiving logs. but on the dashboard.
Under summary, it  does  not display top trends for "Top 10 vulnerability"  and "Top 10 hosts not scanned in last 30 days"

We just have a message "Could not create ariel search"

As per my understanding, this is related to Ariel database in Qradar and if I understood correctly we might need to create a search.
But what would be the search parameters?
And how to get that searched data on the dashboard here in Qualys app.

This is my understanding of the issue? Need your inputs.

Regards
Asif Siddiqui

------------------------------
Asif Siddiqui
------------------------------

I've been working w/ Qualys support - their scripts that run inside their docker container are having issues running.
I've had a ticket open w/ them for the past couple of months and had a few webex sessions.
FYI,
Troy

------------------------------
Troy Barnhart
------------------------------

Original Message:
Sent: Mon July 29, 2019 05:37 AM
From: Asif Siddiqui
Subject: Qualys app for Qradar dosent display top trends

Hi All,

We have successfully integrated the Qualys app with Qradar and also receiving logs. but on the dashboard.
Under summary, it  does  not display top trends for "Top 10 vulnerability"  and "Top 10 hosts not scanned in last 30 days"

We just have a message "Could not create ariel search"

As per my understanding, this is related to Ariel database in Qradar and if I understood correctly we might need to create a search.
But what would be the search parameters?
And how to get that searched data on the dashboard here in Qualys app.

This is my understanding of the issue? Need your inputs.

Regards
Asif Siddiqui

------------------------------
Asif Siddiqui
------------------------------

We have the same problem.
We have 7.3.2 version of QRadar. Once integrated with Qualys following the same steps that Bruce, the info is not correctly displayed. It seems like the knowledgebase is not correctly upadted.


------------------------------
Adrian Pascual Fernandez
------------------------------

Original Message:
Sent: Tue September 24, 2019 12:06 PM
From: Troy Barnhart
Subject: Qualys app for Qradar dosent display top trends

I've been working w/ Qualys support - their scripts that run inside their docker container are having issues running.
I've had a ticket open w/ them for the past couple of months and had a few webex sessions.
FYI,
Troy

------------------------------
Troy Barnhart

Original Message:
Sent: Mon July 29, 2019 05:37 AM
From: Asif Siddiqui
Subject: Qualys app for Qradar dosent display top trends

Hi All,

We have successfully integrated the Qualys app with Qradar and also receiving logs. but on the dashboard.
Under summary, it  does  not display top trends for "Top 10 vulnerability"  and "Top 10 hosts not scanned in last 30 days"

We just have a message "Could not create ariel search"

As per my understanding, this is related to Ariel database in Qradar and if I understood correctly we might need to create a search.
But what would be the search parameters?
And how to get that searched data on the dashboard here in Qualys app.

This is my understanding of the issue? Need your inputs.

Regards
Asif Siddiqui

------------------------------
Asif Siddiqui
------------------------------