List of Contributions

Sajin MB

1 to 20 of 20 total
Posted By Sajin MB Mon May 20, 2019 06:24 AM
Found In Egroup: IBM Security QRadar SOAR
@LILY WANG Thanks for the update. Do you have any documentation for doing this? As per the screenshot attached in the trail discussion, you can see we need to pass UID after connecting to Fidelis. How to do that? Regards, Sajin MB ...
Posted By Sajin MB Fri May 17, 2019 08:20 AM
Found In Egroup: IBM Security QRadar SOAR
Hi Team, We need to integrate Resilient with Fidelis for alert enrichment. We need to take more details of the alert from Resilient through an API call (attaching the screenshot that explains how to connect to Fidelis through the API). Please help us to create a workflow for this. Thanks & Regards, ...
Posted By Sajin MB Fri May 17, 2019 08:19 AM
Found In Library: IBM Security SOAR
Posted By Sajin MB Thu April 04, 2019 07:58 AM
Found In Egroup: IBM Security QRadar SOAR
@Marty James Thanks. Can you explain in detail? How can we prevent the field editing by using a script? Can you give me a sample script please? Sajin MB
Posted By Sajin MB Wed April 03, 2019 02:29 AM
Found In Egroup: IBM Security QRadar SOAR
Hi @Brenden Glynn, Thanks a lot for your suggestions. I have already voted for this RFE. As you said, showing read-only fields on the Summary session may not be appealing. Sajin MB
Posted By Sajin MB Mon April 01, 2019 08:40 AM
Found In Egroup: IBM Security QRadar SOAR
Hi Team, the Incident details tab allows analysts to modify the incident details (please refer to the attached screenshot). Usually analysts should not modify the incident details. We have tried with user roles and disabled the Edit Incidents role. But this will not allow the user to even modify Members, owner ...
Posted By Sajin MB Wed March 20, 2019 09:58 AM
Found In Egroup: IBM Security QRadar SOAR
Hi @Andrew Wadsworth Thanks for the quick response. I have removed the script from the workflow to understand where it is stuck. Now the workflow contains only the "sleep" function. Understood that the problem is with this function and the workflow keeps running when I check Actions -> workflow status even after sleep ...
Posted By Sajin MB Wed March 20, 2019 09:57 AM
Found In Library: IBM Security SOAR
Posted By Sajin MB Wed March 20, 2019 07:58 AM
Found In Egroup: IBM Security QRadar SOAR
Hi @Andrew Wadsworth I tried with 10 minutes sleep time (600 seconds) and even after the sleep time the workflow is still running. How to troubleshoot this? We can't see any logs related to this workflow in the app.log file to troubleshoot. Please help. Sajin MB ...
Posted By Sajin MB Tue March 19, 2019 10:20 AM
Found In Library: IBM Security SOAR
Posted By Sajin MB Tue March 19, 2019 10:20 AM
Found In Egroup: IBM Security QRadar SOAR
Hi @Andrew Wadsworth: Thanks a lot for your help. I have installed this package and it asks for time_in_seconds as input (e.g. 60 seconds). Is there any other configuration we need to do, since the workflow is not stopping even after 60 seconds? Please find a screenshot of the workflow I have ...
Posted By Sajin MB Tue March 12, 2019 07:45 AM
Found In Egroup: IBM Security QRadar SOAR
@Andrew Wadsworth We can't integrate Resilient with our Exchange server. Can you provide the "sleeper" function so that we can set the field value instead of sending email? Then we can send the notification from admin -> notifications. Sajin MB ...
Posted By Sajin MB Fri March 08, 2019 05:54 AM
Found In Egroup: IBM Security QRadar SOAR
@Andrew Wadsworth Thanks a lot for the help. We can't integrate the Exchange server with Resilient, so is there any other way to send email? Can you explain how you made the "sleeper" function? Can you please share that? Instead of sending email from the workflow we can set the variable assign some value ...
Posted By Sajin MB Wed February 27, 2019 11:13 AM
Found In Egroup: IBM Security QRadar SOAR
Hi, Yes, we have the action module and we have some integrations running, like we can search from Resilient to Splunk, we have integrated Carbon Black with Resilient, etc. I just need to get an idea of how and where we need to configure this script to check all open incidents. Regards, Sajin MB ...
Posted By Sajin MB Tue February 19, 2019 02:09 AM
Found In Egroup: IBM Security QRadar SOAR
This is the requirement. Please let me know any feasible solution that we can try out. When the incident is generated in Resilient, the incident status will be "New". The analyst will change the status to "In Triage". The time difference between status "New" and "In Triage" is calculated as TTA(Time to ...
Posted By Sajin MB Wed January 30, 2019 04:23 AM
Found In Egroup: IBM Security QRadar SOAR
Hi Team, We are trying to integrate Resilient with PagerDuty. Installed the PagerDuty function and passing all required fields like pd_service, pd_title, pd_escalation_policy etc. Updated the API key in the config file. We were able to successfully create incidents in PagerDuty via the API from the Postman tool. ...
Posted By Sajin MB Wed January 30, 2019 03:49 AM
Found In Egroup: Global Security Forum
Hi Mark, Thanks for the update. Regards, Sajin MB
Posted By Sajin MB Mon January 28, 2019 07:43 AM
Found In Egroup: Global Security Forum
Hi Team, We are trying to integrate Resilient with PagerDuty. Installed the PagerDuty function and passing all required fields like pd_service, pd_title, pd_escalation_policy etc. Updated the API key in the config file. We were able to successfully create incidents in PagerDuty via the API from the Postman tool. ...
Posted By Sajin MB Mon January 28, 2019 07:37 AM
Found In Egroup: Global Security Forum
Hi Team, We are trying to integrate Resilient with PagerDuty. Installed the PagerDuty function and passing all required fields like pd_service, pd_title, pd_escalation_policy etc. Updated the API key in the config file. We were able to successfully create incidents in PagerDuty via the API from the Postman tool. ...
Posted By Sajin MB Mon January 28, 2019 12:48 AM
Found In Egroup: Global Security Forum
We are trying to integrate Resilient with PagerDuty. Installed the PagerDuty function and passing all required fields like pd_service, pd_title, pd_escalation_policy etc. Updated the API key in the config file. We were able to successfully create incidents in PagerDuty via the API from other tools. But getting ...