Configuring CloudLock Cloud Security Fabric to communicate with QRadar
You can configure CloudLock Cloud Security Fabric to communicate with QRadar by using a Python script.
Before you begin
- To collect incidents from CloudLock, a script that makes CloudLock API calls is required. This script collects incidents and coverts them to Log Event Extended Format (LEEF).
- Python is required.
- Generate a CloudLock API token. To generate an API token in CloudLock, open the Settings. Go to the Integrations panel. Copy the Access token that appears on the page.
- Go to the CloudLock Support website (https://www.cloudlock.com/support/). Open a support case to obtain the cl_sample_incidents.py file and then schedule the script for event collection.