Learn the QRadar API in six minutes

25 June 2014
PDF (99 KB)
 

Learn to use the QRadar API in six minutes

06:23  |  Transcript

Jose Bravo

Systems Engineer and Authorization Security Expert, IBM Security Tiger Team

 

Get the latest on IBM Security Intelligence and Big Data

Get the latest on IBM security intelligence and big data. Use IBM solutions to uncover actionable insights into modern, advanced data threats. Read this whitepaper and learn about:

Download "Extending security intelligence with big data solutions."

In this demonstration video, Jose Bravo first uses the QRadar console to perform a common task.

READ:IBM Security QRadar SIEM

He opens up the "High Risk" saved search to retrieve the current list of high-risk vulnerabilities that have been detected. He demonstrates how to pivot through the different views of the saved search.

Next, he demonstrates how to perform the same task programatically. He uses a REST client on his Mac. He demonstrates how to set the URL for the API in the client and how to use the QRadar console to generate the necessary authentication tokens to authorize an application to make programmatic queries. Then he shows how to set up the headers necessary with the authentication tokens. Next, he sets the version token in the client so the QRadar server will know which version of the API the client is invoking. Finally, he demonstrates how to code the REST client to invoke the saved search API.

Now that the API request is set, he uses the REST client to invoke the API, check the return code, and browse the results to see the list of high-risk vulnerabilities returned from the search.


RELATED TOPICS:Security on developerWorks blogsecurity on developerWorks newsletter@dWSecurity on Twitter

Add a comment

Note: HTML elements are not supported within comments.


1000 characters left

developerWorks: Sign in

Required fields are indicated with an asterisk (*).


Need an IBM ID?
Forgot your IBM ID?


Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.

 


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name



The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.

 


All information submitted is secure.

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Security
ArticleID=975137
ArticleTitle=Learn the QRadar API in six minutes
publish-date=06252014