Skip to content

Bots From Extension: ibm-qradar

IBM Security QRadar SIEM

This extension provides 4 bots.





Bot @ibm-qradar:assets

Bot Position In Pipeline: Source

List all assets in IBM QRadar

This bot expects a Restricted CFXQL.

Each parameter may be specified using '=' operator and AND logical operation
Following are the parameters expected for this Bot

Parameter Name Type Default Value Description
expand_interfaces Text yes Expand Interfaces in response







Bot *ibm-qradar:domains

Bot Position In Pipeline: Source

List all domains in IBM QRadar

This bot expects a Full CFXQL.

Bot applies the Query on the data that is already loaded from previous bot or from a source.







Bot *ibm-qradar:networks

Bot Position In Pipeline: Source

List all networks in IBM QRadar

This bot expects a Full CFXQL.

Bot applies the Query on the data that is already loaded from previous bot or from a source.







Bot @ibm-qradar:offenses

Bot Position In Pipeline: Source

List all offenses in IBM QRadar

This bot expects a Restricted CFXQL.

Each parameter may be specified using '=' operator and AND logical operation
Following are the parameters expected for this Bot

Parameter Name Type Default Value Description
timestamp DateTime Timestamp to query the offenses from