IBM Security QRadar SOAR

 View Only
Expand all | Collapse all

How can I trigger workflow without IBM Qradar offense in IBM Resilient?

  • 1.  How can I trigger workflow without IBM Qradar offense in IBM Resilient?

    Posted Tue April 19, 2022 06:49 AM

    Hi team,

    How can we run a workflow on IBM Resilient based on a query from Splunk? For example, workflow runs automatically when there is a malware type offense from IBM Qradar. But can I automatically trigger a workflow in IBM Resilient with the output of a query that runs at certain intervals in Splunk?


    #Support
    #SupportMigration
    #QradarSOAR


  • 2.  RE: How can I trigger workflow without IBM Qradar offense in IBM Resilient?

    Posted Fri April 29, 2022 11:38 AM
    We can create incident with "IBM Resilient/SOAR Splunk Add-on". Based on the result of the search, an incident can be created as an action.

    https://splunkbase.splunk.com/app/3861/


    #Support
    #SupportMigration
    #QradarSOAR