IBM Security QRadar SOAR

 View Only

  • 1.  Customer Question around Workflow/Rule Creation

    Posted Tue January 12, 2021 03:54 PM
    Posting for a Customer:

    Problem Description:
    We have come across a use case where we need to trigger a workflow based on an incident field being set to a specific value. Upon triggering this rule, we need to run a function against each artifact to add other enrichment data. For example: if custom_field == My_Value: for each artifact_of_type_x: run function and post function output back into incident

    Is there a way to handle something like this within the platform via rules/scripts/workflows?

    ------------------------------
    Miriam McCarthy
    ------------------------------


  • 2.  RE: Customer Question around Workflow/Rule Creation

    Posted Wed January 13, 2021 08:25 AM
    See my answer here: https://community.ibm.com/community/user/security/communities/community-home/digestviewer/viewthread?MessageKey=947f41d5-8926-4b48-8c24-2cfde9137b26&CommunityKey=d2f71e8c-108e-4652-b59c-29d61af7163e&tab=digestviewer#bm45336a21-8f5d-4f13-a216-c42969c026b4

    Ben

    ------------------------------
    Ben Lurie
    ------------------------------

    Original Message