IBM QRadar SOAR

IBM QRadar SOAR

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  Creating SOAR Incidents from Elastic

    Posted Thu March 27, 2025 05:19 PM

    Hi Community -

    I wish to create SOAR Incidents from Elastic and would appreciate any thoughts on how to accomplish this. There does not appear to be an appropriate SOAR App up on the App Exchange. Elastic has a built-in "Connector" titled "IBM Resilient connector - Create an Incident in IBM Resilient" but when I configure it I get an Error: Status code: undefined. Message: Unknown API Error. The systems are on the same subnet.

    Thanks!



    ------------------------------
    ken ching
    ------------------------------


  • 2.  RE: Creating SOAR Incidents from Elastic

    Posted Thu March 27, 2025 05:40 PM

    Once one resolves SSL configuration issue the built-in Resilient Connector in Elastic works just fine.



    ------------------------------
    ken ching
    ------------------------------

    Original Message


Related Content