In MaaS360 I would need to create an account that does not expire the password so I can use it to connect the MaaS360 as a logsource to QRadar.
If I create an account with the settings below, it will likely expire the password after some time.
An error is displayed in the QRadar MaaS360 settings logsource "Error - Unable to login to IBM Fiberlink REST API!"
The account used has the following roles:
Administrator
Administrator - Level 2
Portal Administrator
Read-Only
Service Administrator
How to properly create a MaaS360 account for this purpose?
------------------------------
Martin Hansgut
------------------------------