This post contains the code samples that our QRadar software development team put together to assist customers with leveraging functions in the QRadar REST API. The code samples attached to this post are for educational purposes and we recommend that you use these to learn in a test or lab environment and not in your production environment.
Is there a repository for QRadar API code samples?
Yes, we recently created a GitHub repository for QRadar API code samples. As new versions of QRadar are released, a new link will be posted with code samples to help customers leverage APIs and features.
- QRadar 7.2.1 Code Samples: https://github.com/ibmqradar/api-samples/tree/7.2.1
- QRadar 7.2.2 Code Samples: https://github.com/ibmqradar/api-samples/tree/7.2.2
- QRadar 7.2.3 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.3
- QRadar 7.2.4 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.4
- QRadar 7.2.5 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.5
- QRadar 7.2.6 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.6
- QRadar 7.2.7 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.7
- QRadar 7.2.8 Code Samples: https://github.com/ibm-security-intelligence/api-samples/tree/7.2.8
Where do I run the code samples?
API sample scripts downloaded from the GitHub page should not be run directly on a QRadar appliance. The code samples downloaded from the GitHub page are intended to run on an outside system to poll data from QRadar. QRadar does not run Python 3.3 and the requirements for Python 3.3 is intended for the outside host that is running the code samples. QRadar cannot be upgraded to Python 3.3 as this will cause system-wide issues. Adminsitrators should never be installing any RPMs on their QRadar Console, unless the files come from IBM Fix Central.
Are the code samples are specific to your QRadar version?
Yes. Users can verify the software version on the Console from the Dashboard tab, by selecting the Help > About. Users and administrators should download the appropriate code samples for the QRadar version.
When are new code samples posted?
As major QRadar updates are released, new code samples will be attached to this post to help customers leverage new API features.
What are the requirements to run the code samples?
API code sample version QRadar Requirements Requirements for external host Samples 7.2.1
QRadar 7.2.1 (any patch level)
Python 3.3 Samples 7.2.2
QRadar 7.2.2 (any patch level)
Python 3.3 Samples 7.2.3
QRadar 7.2.3 (any patch level)
Python 3.3 QRadar 7.2.4
QRadar 7.2.4 (any patch level)
Python 3.3 QRadar 7.2.5
QRadar 7.2.5 (any patch level)
Python 3.3 QRadar 7.2.6
QRadar 7.2.6 (any patch level)
Python 3.3 QRadar 7.2.7 QRadar 7.2.7 (any patch level) Python 3.3
How do I get help?
If you have a question, comments, ideas, or feedback, you can open a new topic in the API forum and we will review your post. If you want feedback from a specific user, you can use @<forum_name> , for example @Jonathan.Pechta (IBM)270006EH0R will request a response from a specific user. When you use the at (@) symbol with a user that has (IBM) in their title, it alerts us to your question and we will receive an email with your forum question.
Do the samples work with different operating systems?
Yes, we have tried the code samples posted below on Windows, Apple OSx, and Linux. If you have issues with a specific operating system please let us know.