IBM QRadar SOAR

IBM QRadar SOAR

Join this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

How to get data/artifact from SIEM to SOAR

  • 1.  How to get data/artifact from SIEM to SOAR

    Posted Thu March 27, 2025 12:08 PM

    How to use Data migration app and Qradar siem app (downloaded from app exchange) to fetch the data/artifacts/offence details inside SOAR.

    I tried the Qradar search function to get the details. How to use this data in playbook schema.

    Please find the attached ss below:

     



    ------------------------------
    Ashwini Chimurkar
    ------------------------------


  • 2.  RE: How to get data/artifact from SIEM to SOAR

    Posted Mon March 31, 2025 03:45 AM
    Edited by Yongwon Song Mon March 31, 2025 03:46 AM
    Hello, Ashwini
    I have a question.
    I don't understand exactly what you want. 
    Are you asking how to utilize the data from SIEM?
    Or
    Are you asking how to solve the problem because the data in the columns used in Select are None?



    ------------------------------
    Yongwon Song
    ------------------------------
    -------------------------------------------
    Original Message:
    Sent: Wed March 26, 2025 03:37 AM
    From: Ashwini Chimurkar
    Subject: How to get data/artifact from SIEM to SOAR

    How to use Data migration app and Qradar siem app (downloaded from app exchange) to fetch the data/artifacts/offence details inside SOAR.

    I tried the Qradar search function to get the details. How to use this data in playbook schema.

    Please find the attached ss below:

     



    ------------------------------
    Ashwini Chimurkar
    ------------------------------



Related Content