IBM QRadar SOAR


Automatically create case for alerts ingested by QRadar - experts?

  • 1.  Automatically create case for alerts ingested by QRadar - experts?

    Posted Thu August 17, 2023 01:28 PM

    Hi

    Not even sure if my enquiry fits in here. In early August the offense forwarder app was released.

    This can feed an ingestion data source in CP4S and will open cases automatically there.

    If there is anybody out there testing the same environment (ours is classified as beta), pls respond.

    Would be nice to share experiences.

    Best Regards 

    Karl



    ------------------------------
    [Karl] [Jaeger] [Business Partner]
    [QRadar Specialist]
    [pro4bizz]
    [Karlsruhe] [Germany]
    [4972190981722]
    ------------------------------


  • 2.  RE: Automatically create case for alerts ingested by QRadar - experts?

    Posted Tue August 29, 2023 12:50 PM

    Seems like it's too early for other users to combine traditional and cloud-based QRadar. Wendy Batten posted a nice demo 4 days ago, see

    https://community.ibm.com/community/user/security/discussion/ibm-security-qradar-soar-demo?ReturnUrl=%2fcommunity%2fuser%2fsecurity%2fcommunities%2fcommunity-home%2fdigestviewer%3fcommunitykey%3dd2f71e8c-108e-4652-b59c-29d61af7163e

    If you want to read the latest documentation on Log Insights and the offense forwarder, look at https://www.ibm.com/docs/en/security-qradar/log-insights/saas?topic=overview-setting-up-qradar-offenses-forwarder

    Any questions are welcome. Here are two screenshots to give you an idea of alert cases automatically created from offenses.

    Regards

    Karl



    ------------------------------
    [Karl] [Jaeger] [Business Partner]
    [QRadar Specialist]
    [pro4bizz]
    [Karlsruhe] [Germany]
    [4972190981722]
    ------------------------------