would like to know if anyone has done similar. I want qradar to connect to firewall over API and tell firewall to drop that traffic.
we use Cisco firepower management center (FMC) which supports API access to firewall. can qradar custom action call in API pass the destination IP value to firewall and drop traffic.
------------------------------
s 3k
------------------------------