IBM Security QRadar SOAR

 View Only
  • 1.  Arcsight Integration with IBM Resilient--API

    Posted Tue February 02, 2021 02:49 PM

    Hi All,

    Greetings of the day.
    I am happy to inform you that we did it finally. Please do let me know if you need any help.

    --
    Thanks,
    Ravi Sharma
    +91-8005941530 | ravi.sharma26888@gmail.com



    ------------------------------
    ravi sharma
    ------------------------------


  • 2.  RE: Arcsight Integration with IBM Resilient--API

    Posted Tue March 09, 2021 07:23 AM
    Hi Ravi,

    That is great. Feel free to open a Submission on the App Exchange to share the App with others in the Community: https://exchange.xforce.ibmcloud.com/hub/

    ------------------------------
    Shane Curtin
    Integrations Engineer - IBM Resilient
    ------------------------------



  • 3.  RE: Arcsight Integration with IBM Resilient--API

    Posted Tue March 09, 2021 11:33 AM
    Hi, Ravi - Congratulations on creating this integration - I hope it is popular and useful.

    We use the basic, built-in Resilient URL integration for creating Resilient Incidents from events of interest in ArcSight and a simple variant of Common Event Format (CEF) Syslog to signal back from Resilient to ArcSight on key events such as Incident closure.  However I would be very interested to review the functionality of your integration to determine if it has advantages in our context.  Do you have an overview that I might read?

    Thank you and best regards - Edwin Bolton

    ------------------------------
    Edwin Bolton
    ------------------------------