Select Page

QRadar

Welcome Forums Integrations QRadar

Viewing 1 post (of 1 total)
  • Author
    Posts
  • #1630
    Mike RiforgiateMike Riforgiate
    Keymaster

    In QRadar

    1. Open the Admin settings:

    • In IBM Security QRadar V7.3.0 or earlier, click the Admin tab.
    • In IBM Security QRadar V7.3.1 and later, click the navigation menu (Icon for main navigation menu), and then click Admin to open the admin tab.

    2. In the User Management section, click Authorized Services.
    3. On the Manage Authorized Services window, click Add Authorized Service.
    4. Add the relevant information in the following fields and click Create Service for each service (Admin and Limited) you want to create:

    • In the Service Name field, type a name for this authorized service. The name can be up to 255 characters in length. Recommend using WitFoo
    • From the User Role list, select the Admin role for the user type.
    • From the Security Profile list, select the security profile that you want to assign to this authorized service. The security profile determines the networks and log sources that this service can access on the QRadar user interface.
    • In the Expiry Date list, type or select a date that you want this service to expire. If an expiry date is not necessary, select No Expiry.

    5. Click the row that contains the service you created, select and copy the token string from the Selected Token field in the menu bar, and close the Manage Authorized Services window.
    6. Deploy changes for the new authorized service tokens to take effect.

    In WitFoo Precinct

    1. Go to Settings -> Admin -> QRadar

    2. Paste the Token into interface with the QRadar server FQDN or IP Address.

    3. Toggle the Enable button, hit save.

    4. Test the connection with the test button.

Viewing 1 post (of 1 total)
  • You must be logged in to reply to this topic.