Bots From Extension: ibm-qradar
IBM Security QRadar SIEM
This extension provides 4 bots.
Bot @ibm-qradar:assets
Bot Position In Pipeline: Source
List all assets in IBM QRadar
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined using the AND logical operation.
The following parameters are expected by this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
expand_interfaces | Text | yes | Expand Interfaces in response |
Bot *ibm-qradar:domains
Bot Position In Pipeline: Source
List all domains in IBM QRadar
This bot expects a Full CFXQL.
The bot applies the query to the data that is already loaded from the previous bot or from a source.
Bot *ibm-qradar:networks
Bot Position In Pipeline: Source
List all networks in IBM QRadar
This bot expects a Full CFXQL.
The bot applies the query to the data that is already loaded from the previous bot or from a source.
Bot @ibm-qradar:offenses
Bot Position In Pipeline: Source
List all offenses in IBM QRadar
This bot expects a Restricted CFXQL.
Each parameter may be specified using the '=' operator, and parameters may be combined using the AND logical operation.
The following parameters are expected by this bot:
Parameter Name | Type | Default Value | Description |
---|---|---|---|
timestamp | DateTime | | Timestamp to query the offenses from |