Message Image

Log in

Skip to main content (Press Enter).

Skip auxiliary navigation (Press Enter).

IBM Security Join our 16,000+ members as we work together to overcome the toughest challenges of cybersecurity. Join the Community

Skip main navigation (Press Enter).

Cloud Pak for Security

View Only

Expand all | Collapse all

Connect qradar to CP4S

Maren SindlingerThu October 21, 2021 01:36 PM

Hey All, I want to be able so send offenses to SOAR. The QRadar connection in CP4S is working. I need ...

Erwin FriethoffThu October 21, 2021 05:56 PM

Hi Maren, url Prefix: cases-rest stomp port:443 stomp host can be found in two ways: Log in onto ...

1. Connect qradar to CP4S

1 Like
Maren Sindlinger
Posted Thu October 21, 2021 01:36 PM

Reply
Hey All,

I want to be able so send offenses to SOAR. The QRadar connection in CP4S is working.

I need to configure the
QRadar SOAR Plugin

But how do I get the STOMP Parameters?
- url prefix
- STOMP Host
- STOMP Port

I was guessing and I get the following error:

QRadar token test failed. 401 Client Error: 401 for url: https://qradarz.cyberlab.systems/api/siem/offense_closing_reasons

Any ideas?

------------------------------
Maren Sindlinger
------------------------------
2. RE: Connect qradar to CP4S

1 Like
Erwin Friethoff
Posted Thu October 21, 2021 05:56 PM

Reply
Hi Maren,
url Prefix: cases-rest
stomp port:443

stomp host can be found in two ways:
Log in onto the openshift management console, select your cp4s project and look at routes
or
log in onto your openshift platform on the command line and use
oc project << your project name for cp4s >>
oc get routes

and make sure the api key you use is created under cp4s >> application settings >> case management >> permissions and access >> users >> tab "API keys"

------------------------------
Good luck,
Erwin
------------------------------

Original Message

Powered by Higher Logic