-
When using TheHive and the Synapse QRadar integration, it would be very useful if you could specify the QRadar closure reason when closing an alert or case related to an Offense.
By default the Sy…
-
**Kibana version:** 8.4-SNAPSHOT
**Describe the bug:**
We should update our docs and some in-product references to the IBM Resilient connector. Resilient changed its name to 'IBM Security QRadar SOAR' i…
-
The platform supports TAXII 2.1, but most SIEMs and EDRs support TAXII 1.x or 2.0.
Is there any way to let the platform support TAXII 2.0? (Or integrate with an OpenTaxii server directly?)
Wo…
-
Hi! Just stumbled upon your project, looks really cool.
I'm currently building a detection-as-code pipeline for QRadar SIEM, but using pySigma, since sigmac is deprecated.
Is there any plan to su…
-
There seem to be various issues with this sample.
`metadata.version` is set to a value that is not reasonable. OCSF Version 7.5.0 does not exist.
https://github.com/ocsf/examples/blob/12802e239cc2…
-
### Community Note
* Please vote on this issue by adding a 👍 [reaction](https://blog.github.com/2016-03-10-add-reactions-to-pull-requests-issues-and-comments/) to the original issue to help…
-
When clicking START, the maps don't draw any lines.
The proper IP and token were added.
Tested the queries in QRadar and they work.
Tested them in the REST API and they work.
-
Using the App creator, OpenAPI or Python directly:
Minimal use-cases (if possible):
* Search
* Send event TO SIEM
* Get Search results
* Create Saved Search
* Create Alert from Search (sends w…
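The use-case list above (search, get search results) and the earlier request to pass a closure reason when closing an offense both come down to a handful of QRadar REST calls. The following is an added example written for this page, not code from any of the issues or projects quoted: a small client that starts an Ariel search, polls it to completion, fetches results, and closes an offense with an explicit `closing_reason_id`. The endpoint paths (`/api/ariel/searches`, `/api/siem/offenses/{id}`), the `SEC` and `Version` headers and the API version string are assumptions based on the public QRadar REST API documentation; check them against your console's interactive API page. `FakeQRadar` is a constructed in-memory stand-in so the example runs offline.

```python
"""Added example: minimal QRadar REST client (Ariel search + offense closure).
Endpoints/headers are assumed from the public QRadar API docs; FakeQRadar is a
constructed stand-in, not the product."""
import json
import time
import urllib.parse
import urllib.request


class QRadarClient:
    def __init__(self, base_url, sec_token, api_version="15.0", transport=None):
        self.base_url = base_url.rstrip("/")
        self.sec_token = sec_token
        self.api_version = api_version  # assumed; match your console's supported versions
        # transport(method, url, headers) -> (http_status, parsed_json_body)
        self._transport = transport or self._http

    @staticmethod
    def _http(method, url, headers):
        # Real call. urlopen verifies the console certificate: install the console
        # CA in your trust store instead of disabling verification.
        req = urllib.request.Request(url, method=method, headers=headers)
        with urllib.request.urlopen(req, timeout=30) as resp:
            return resp.status, json.loads(resp.read().decode("utf-8"))

    def _call(self, method, path, params=None):
        url = self.base_url + path + ("?" + urllib.parse.urlencode(params) if params else "")
        headers = {"SEC": self.sec_token, "Version": self.api_version,
                   "Accept": "application/json"}
        status, body = self._transport(method, url, headers)
        if status >= 400:
            raise RuntimeError(f"{method} {path} -> HTTP {status}: {body}")
        return body

    def start_search(self, aql):
        return self._call("POST", "/api/ariel/searches", {"query_expression": aql})["search_id"]

    def wait_for_search(self, search_id, timeout=300.0, poll_interval=2.0):
        # Ariel searches are asynchronous: poll until COMPLETED, fail on ERROR/CANCELED.
        deadline = time.monotonic() + timeout
        while True:
            status = self._call("GET", f"/api/ariel/searches/{search_id}")["status"]
            if status == "COMPLETED":
                return status
            if status in ("CANCELED", "ERROR"):
                raise RuntimeError(f"search {search_id} ended with status {status}")
            if time.monotonic() >= deadline:
                raise TimeoutError(f"search {search_id} still {status} after {timeout}s")
            time.sleep(poll_interval)

    def search_results(self, search_id):
        return self._call("GET", f"/api/ariel/searches/{search_id}/results")

    def close_offense(self, offense_id, closing_reason_id):
        # The API requires a closing reason when status=CLOSED (assumed from the docs);
        # refuse early rather than discover it as an HTTP error.
        if closing_reason_id is None:
            raise ValueError("closing_reason_id is required to close an offense")
        return self._call("POST", f"/api/siem/offenses/{offense_id}",
                          {"status": "CLOSED", "closing_reason_id": closing_reason_id})


class FakeQRadar:
    """Constructed offline stand-in that mimics the response shapes used above."""
    def __init__(self):
        self.polls_left = {}  # search_id -> GET polls before it reports COMPLETED
        self.offenses = {42: {"id": 42, "status": "OPEN", "closing_reason_id": None}}
        self.events = [  # constructed sample rows, not real data
            {"sourceip": "10.0.0.5", "destinationip": "198.51.100.7"},
            {"sourceip": "10.0.0.9", "destinationip": "198.51.100.7"},
        ]

    def __call__(self, method, url, headers):
        if headers.get("SEC") != "test-token":
            return 401, {"message": "Unauthorized"}
        u = urllib.parse.urlparse(url)
        q = dict(urllib.parse.parse_qsl(u.query))
        parts = u.path.split("/")
        if method == "POST" and u.path == "/api/ariel/searches":
            sid = f"search-{len(self.polls_left) + 1}"
            self.polls_left[sid] = 2
            return 201, {"search_id": sid, "status": "WAIT"}
        if method == "GET" and u.path.startswith("/api/ariel/searches/"):
            sid = parts[4]
            if sid not in self.polls_left:
                return 404, {"message": "no such search"}
            if u.path.endswith("/results"):
                if self.polls_left[sid] > 0:
                    return 409, {"message": "search not completed"}
                return 200, {"events": self.events}
            left = self.polls_left[sid]
            self.polls_left[sid] = max(0, left - 1)
            return 200, {"search_id": sid, "status": "COMPLETED" if left == 0 else "EXECUTE"}
        if method == "POST" and u.path.startswith("/api/siem/offenses/"):
            off = self.offenses.get(int(parts[4]))
            if off is None:
                return 404, {"message": "no such offense"}
            if q.get("status") != "CLOSED" or "closing_reason_id" not in q:
                return 422, {"message": "status=CLOSED with closing_reason_id required"}
            off.update(status="CLOSED", closing_reason_id=int(q["closing_reason_id"]))
            return 200, dict(off)
        return 404, {"message": "unknown endpoint"}


def demo():
    client = QRadarClient("https://qradar.example", "test-token", transport=FakeQRadar())
    sid = client.start_search("SELECT sourceip, destinationip FROM events LAST 1 HOURS")
    client.wait_for_search(sid, poll_interval=0)
    events = client.search_results(sid)["events"]
    offense = client.close_offense(42, closing_reason_id=3)
    return sid, events, offense
```

Against a real console, drop the `transport=` argument and pass a service account's SEC token; the client then speaks HTTPS through `urllib`. Keep the polling pattern: fetching `/results` before the search reports COMPLETED returns partial or empty data, which is exactly the class of bug that shows up as "queries work in the REST API but nothing is drawn" in an app that reads results too early.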
-
Hi Teja Ramachandran,
I am looking for the script which can detect malicious C2 connections and domains using Cisco IPS logs. We have Splunk SIEM. I need a script similar to your "QRadar" script. …
-
Using QRadar 7.2.4 Patch 5, it cannot find the ssl module as a submodule of urllib2. All the other import statements work correctly. If a newer version of Python is required, it should be noted somewhere.