Hi
there are two answers on that:
the 1st is how to handle JSON and CSV in general using .py scipts. https://community.ibm.com/community/user/security/blogs/ralph-belfiore1/2022/11/10/network-hierarchy-management contains an excellent example written by Ralph
the 2nd is using your Qradar as ingestion data source in CP4S and automatically create cases using the offense forwarder app in your Qradar 7.5.0. The functionality will get integrated in new Qradar+ in Q2 2024. You dont need a special response, just use the offense response.
------------------------------
[Karl] [Jaeger] [Business Partner]
[QRadar Specialist]
[pro4bizz]
[Karlsruhe] [Germany]
[4972190981722]
------------------------------
Original Message:
Sent: Tue January 16, 2024 06:06 AM
From: Kavita K
Subject: Is it possible to create CSV file from json response & attached into incident in CP4s?
------------------------------
Kavita K
------------------------------