ThreatGRID Malware Threat Intelligence configuration overview
You can integrate ThreatGRID Malware Threat Intelligence events with IBM QRadar.
You must complete the following tasks:
- Download the QRadar Log Enhanced Event Format Creation script for your collection type from the ThreatGRID support website to your appliance.
- On your ThreatGRID appliance, install and configure the script to poll the ThreatGRID API for events.
- On your QRadar appliance, configure a log source to collect events based on the script you installed on your ThreatGRID appliance.
- Ensure that no firewall rules block communication between your ThreatGRID installation and the QRadar Console or managed host that is responsible for retrieving events.