Configuring CloudLock Cloud Security Fabric to communicate with QRadar

You can configure CloudLock Cloud Security Fabric to communicate with QRadar by using a Python script.

Before you begin

  • To collect incidents from CloudLock, a script that makes CloudLock API calls is required. This script collects incidents and coverts them to Log Event Extended Format (LEEF).
  • Python is required.

Procedure

  1. Generate a CloudLock API token. To generate an API token in CloudLock, open the Settings. Go to the Integrations panel. Copy the Access token that appears on the page.
  2. Go to the CloudLock Support website (https://www.cloudlock.com/support/). Open a support case to obtain the cl_sample_incidents.py file and then schedule the script for event collection.