Learn the QRadar API in six minutes
In this demonstration video, Jose Bravo first uses the QRadar console to perform a common task.
He opens up the "High Risk" saved search to retrieve the current list of high-risk vulnerabilities that have been detected. He demonstrates how to pivot through the different views of the saved search.
Next, he demonstrates how to perform the same task programatically. He uses a REST client on his Mac. He demonstrates how to set the URL for the API in the client and how to use the QRadar console to generate the necessary authentication tokens to authorize an application to make programmatic queries. Then he shows how to set up the headers necessary with the authentication tokens. Next, he sets the version token in the client so the QRadar server will know which version of the API the client is invoking. Finally, he demonstrates how to code the REST client to invoke the saved search API.
Now that the API request is set, he uses the REST client to invoke the API, check the return code, and browse the results to see the list of high-risk vulnerabilities returned from the search.
- IBM Security QRadar SIEM
- Security on developerWorks blog
- security on developerWorks newsletter
- @dWSecurity on Twitter