Question & Answer
Question
Where do I find the API sample code that is published with each version of QRadar?
Answer
1. Is there a repository for QRadar API code samples?
QRadar API samples are stored in a GitHub repository for each version of QRadar. As new versions of QRadar are released, a new link will be posted with code samples to help customers leverage APIs and features.
Master list of API samples
- QRadar 7.2.1 Code Samples: https://github.com/ibmqradar/api-samples/tree/7.2.1
- QRadar 7.2.2 Code Samples: https://github.com/ibmqradar/api-samples/tree/7.2.2
- QRadar 7.2.3 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.3
- QRadar 7.2.4 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.4
- QRadar 7.2.5 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.5
- QRadar 7.2.6 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.6
- QRadar 7.2.7 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.7
- QRadar 7.2.8 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.8
These samples are provided for educational use. When you download the code samples, you are presented with the IBM developerWorks terms of use. You should read the terms of use before you download the code samples and you must agree to the terms to download the files.
2. Where do I run the code samples?
API sample scripts downloaded from the GitHub page should not be run directly on a QRadar appliance. The code samples downloaded from the GitHub page are intended to run on an outside system to poll data from QRadar. QRadar does not run Python 3.3 and the requirements for Python 3.3 is intended for the outside host that is running the code samples. QRadar cannot be upgraded to Python 3.3 as this will cause system-wide issues. Administrators should never be installing any RPMs on their QRadar Console, unless the files come from IBM Fix Central.
Figure 1: Image displays that the code samples never run on QRadar, but instead an external host
3. What are the requirements to run the code samples?
API code sample version | QRadar Requirements | Requirements for external host |
Samples 7.2.1 | QRadar 7.2.1 (any patch level) | Python 3.3 |
Samples 7.2.2 | QRadar 7.2.2 (any patch level) | Python 3.3 |
Samples 7.2.3 | QRadar 7.2.3 (any patch level) | Python 3.3 |
QRadar 7.2.4 | QRadar 7.2.4 (any patch level) | Python 3.3 |
QRadar 7.2.5 | QRadar 7.2.5 (any patch level) | Python 3.3 |
QRadar 7.2.6 | QRadar 7.2.6 (any patch level) | Python 3.3 |
QRadar 7.2.7 | QRadar 7.2.7 (any patch level) | Python 3.3 |
4. Are the code samples are specific to your QRadar version?
Yes. Users can verify the software version on the Console from the Dashboard tab, by selecting the Help > About. Users and administrators should download the appropriate code samples for the QRadar version. A branch is created for each QRadar version and users can download the specific branch for their QRadar version.
Figure 2: Select the proper branch to download API samples specific to your QRadar version.
5. When are new code samples posted?
As major QRadar updates are released, new code samples will be attached to this article to help customers leverage new API features.
6. How do I get help?
If you have a question, comments, ideas, or feedback, you can open a new question in the dW Answers forum using the tags: qradar and API.
If you have issues with the API code samples for a specific QRadar version, you can raise an issue directly from the GitHub user interface. When you create an issue, GitHub directly emails the developer with your comments so any defects can be reviewed in more detail.
Figure 3: GitHub report issue button to get assistance with software posted to the IBM GitHub page.
7. Do the samples work with different operating systems?
Yes, we have tried the code samples posted below on Windows, Apple OSx, and Linux. If you have an issue with a specific operating system and our GitHub samples, open an issue in GitHub to let us know.
[{"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Admin Console","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0;7.1;7.2","Edition":"All Editions","Line of Business":{"code":"LOB24","label":"Security Software"}}]
Was this topic helpful?
Document Information
Modified date:
10 May 2019
UID
swg21992919