Posted By
Ihor Husar
Tue November 10, 2020 08:10 PM
Found In
Egroup:
IBM Security QRadar SOAR
\
view thread
Hello Jasmine, It is not unsafe, qradar_id is already a part of the case, and QRadar would require log in. What you could do is to have a script started at the creation of the incident, that would take qradar_id and insert it into the pattern you've listed above, and list it as a note, or wherever you'd ...
|