List of Contributions

Nick Mumaw

Contact Details

My Content

1 to 20 of 33 total
Posted By Nick Mumaw Fri May 07, 2021 01:37 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
This works perfectly! Thanks for the help John! ------------------------------ Nick Mumaw ------------------------------
Posted By Nick Mumaw Fri May 07, 2021 08:42 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Hey John, I am not sure that helps as I was trying to do it in the DockerFile that creates the container. I was thinking if I did it in the docker file to be part of the container creation then I am able to add this to the AppHost so that the file deploys with the AppHost. My understanding is that ...
Posted By Nick Mumaw Thu May 06, 2021 04:06 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I am fairly new to Docker and working on learning it. One of the questions is if I wanted to include a zip file that Docker will unzip and deploy in the container during deployment, how would I go about putting that file in my app to ensure that it when it deploys it is added to my container. Thanks ...
Posted By Nick Mumaw Wed May 05, 2021 04:36 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Setting up AppHost Development Environment in Windows Setup python virtual environment (optional) This can be useful when working on multiple integrations which are unrelated and require different packages to be installed. Install virtualenv (these steps are specific tovirtualenv but there ...
Posted By Nick Mumaw Wed March 03, 2021 01:11 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Awesome Alexander! Thanks for the help. After enabling that, it installed without problem. Thanks! ------------------------------ Nick Mumaw ------------------------------
Posted By Nick Mumaw Tue March 02, 2021 02:03 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I am working on standing up a quick development environment to build and test my apps and convert them to AppHost compatible. I am having trouble installing Resilient-SDK on my Windows 10 1909 environment. When I run pip install resilient-sdk in admin console I get the following error. ERROR: Could ...
Posted By Nick Mumaw Tue February 16, 2021 11:13 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I am wondering if anyone has setup the ODBC Query to work with Oracle DB. We have an Oracle DB that we pull user information from, and I see that it supports MariaDB, PostgreSQL and MySQL out of the box, but I am not sure what exactly I need to do to get it to work with Oracle. Anyone get this to work ...
Posted By Nick Mumaw Tue September 29, 2020 05:00 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
So I was thinking that we could finish that off with 1 total subcategory and a scrip that whenever one of the individual sub categories changes it updates the total subcategory for reporting purposes. These does seem overly complicated when trying to do something like the Mitre Attack frame work. where ...
Posted By Nick Mumaw Fri September 18, 2020 01:11 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I know that this would likely have to be a change in the coding of the application, but I am wondering what others have done to create a conditional select or multiselect field. We are working on moving our system tracking from NIST to Mitre and want to be able to track things like the main ...
Posted By Nick Mumaw Thu February 27, 2020 10:35 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Also if I could add one more thing, it would be nice if we can have some kind of template that would allow us to put the information gathered from the poller into the incident in the way that we want to as well as defined standard or default owners and other fields and artifacts. Thanks! ----- ...
Posted By Nick Mumaw Thu February 27, 2020 10:28 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I agree that is what I am seeing too. I just find that it is strange that basic functionality like doing a check for something then moving back to a previous point on a workflow is not capable. I would like to see this change as I don't think I should have to build another function to send emails when ...
Posted By Nick Mumaw Thu February 27, 2020 10:24 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Thanks again AnnMarie! I haven't started building this out yet, but this will help as I move to do this. ------------------------------ Nick Mumaw ------------------------------
Posted By Nick Mumaw Thu February 27, 2020 10:22 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Hey Tamara, I appreciate that input. After doing what David suggested I noticed that I was getting incidents of delivered email that were URL. Well since they were delivered and determined that the URL was bad they were blocking it and is now not a concern. What I needed was the Issues API which from ...
Posted By Nick Mumaw Tue February 25, 2020 12:36 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Hey Richard, I was just trying to figure out if it could do the same thing as the powershell script that I had. It used the subject/sender/receiver/date to look up emails in the delivery table to determine where emails went, then opened the mailboxes to delete the emails from each mailbox. Just ...
Posted By Nick Mumaw Tue February 25, 2020 11:57 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Hey Igor, Sorry for the late response. I didn't see the response. Your understanding is correct. The problem I am having though is more in the second part. I want to create a loop basically in the workflow. My understanding in talking with IBM was that this is not possible. I need to take the DT that ...
Posted By Nick Mumaw Tue February 25, 2020 10:35 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Thanks! I also added a pass for clicksBlocked. Hopefully this will work! Also not sure if you know, but does this also update tickets that later get marked as false positives? Thanks! ------------------------------ Nick Mumaw ------------------------------
Posted By Nick Mumaw Tue February 25, 2020 09:35 AM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I don't know if this was the problem all along (probably since I didn't really change anything), but embarrassingly enough I ran res-keyring (I want to say again, but maybe not) and after setting the password I ran it again and it is working just fine. Thanks for the help! ------------------------------ ...
Posted By Nick Mumaw Mon February 24, 2020 01:04 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I apologize in the serious delay. Here is the output of what you requested. C:\Windows\system32>keyring --list-backends keyring.backends.chainer.ChainerBackend (priority: 0) keyring.backends.fail.Keyring (priority: 0) keyring.backends.Windows.WinVaultKeyring (priority: 5) ------------------------------ ...
Posted By Nick Mumaw Mon February 24, 2020 01:00 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
I was wondering if anyone else had determined how to filter out the blocked events. I could write a script to do this in Resilient, but I would prefer to not have a million incidents created that are going to be automatically closed. I see that I can filter based on URL or Attachment etc... I want to ...
Posted By Nick Mumaw Tue January 28, 2020 12:16 PM
Found In Egroup: IBM Security QRadar SOAR
\ view thread
Yes. I haven't left the CMD instance that I installed, set the res-key, and attempted to run resilient-circuits. ------------------------------ Nick Mumaw ------------------------------