Configuring Universal Data Insights
connections
Through the Universal Data Insights
service, the threat data and indicators of compromise (IOCs) are obtained at specified intervals by
adding and configuring data source connections to the source connectors.
Before you begin
idrm-vm01.rtp.raleigh.ibm.com> grdapi register_oauth_internal_client getEncrypted=false grant_types=password module=UDI
ID=0
{“client_id”:“UDI”,“client_secret”:“eafb33ab-b73c-4132-a5b0-02973a9041b4",“grant_types”:“password”,“scope”:“read,write”,“redirect_uri”:
“https://someApp”,“user”:“CP4S_UDI_REST_requestor”,“password”:“H20TcCde&50CD18!864&78BF”}About this task
The threat data and IOCs are imported based on the user entitlements to access the data source connections. On the page, you can see only the connections that you are entitled to view and access the data sources. If you are an admin user for the data sources, you can view and access all the data source connections.
- IBM® Security Guardium
- IBM Security QRadar®
- TruSTAR
- Micro Focus ArcSight
- CrowdStrike Falcon
- Amazon CloudWatch
- IBM Security Verify Privilege Vault
Procedure
- On the home page, click the Menu icon.
- In the General settings section, click .
- Click Data sources.
- Click Connect a data source.
- Select the connector and configure. For the configuration information, see Universal data insights connectors.
Results
The threat data and IOCs are imported through the Universal Data Insights service at specified intervals from the
source connectors that you configured. For more information about scheduling the import tasks, see
Scheduling tasks.
You can review and manage your data source connections by using the Manage
connections module of Risk Manager. For more
information, see Managing connections in Risk Manager.