IBM Security QRadar SOAR

 View Only
  • 1.  Qradar App :: Incident Mapping Template

    Posted Wed August 19, 2020 06:44 PM
    Edited by Jasmine Thu August 20, 2020 03:07 AM
    Hi,

    I want to add log sources from offense to resilient incident. We can do this via enrichment. But this means extra api calls. Is there any way for send log sources to resilient via app? Seems that log source field doesn't exist in fields. Any advice about this issue would be appreciated.





  • 2.  RE: Qradar App :: Incident Mapping Template

    Posted Thu August 20, 2020 12:55 PM
    Still wondering why we can't access all nodes of offense and how we can do that without extra enrichment.

    ------------------------------
    Jasmine
    ------------------------------