QRadar

This app supports generic, investigative, and ingestion actions on an IBM QRadar device

Built by Splunk Inc.

Latest Version 2.1.3
September 17, 2021
Compatibility
Not Available
Platform Version: 5.5, 5.4, 5.3, 5.2, 5.1, 5.0, 4.10, 4.9
Rating

0

(0)

Support
Splunk Supported connector
Ranking

#1

in SIEM
Supported Actions

  • test connectivity: Validate the asset configuration for connectivity. This action runs a quick query on the device to check the connection and credentials
  • list offenses: Get a list of offenses
  • list closing reasons: Get a list of offense closing reasons
  • get events: Get events belonging to an offense
  • get flows: Get flows that make up an offense for a particular IP
  • offense details: Get details about an offense
  • alt manage ingestion: Manage ingestion details
  • run query: Execute an Ariel query on the QRadar device
  • add listitem: Add an item to a reference set in QRadar
  • close offense: Close an active offense, marking status=CLOSED
  • update offense: Attach a note to an offense
  • assign user: Assign the user to an offense
  • get rule info: Retrieve QRadar rule information
  • list rules: List all QRadar rules
  • on poll: Callback action for the on_poll ingest functionality

Created By

Splunk Inc.

Type

connector