ThreatGRID Malware Threat Intelligence configuration overview

You can integrate ThreatGRID Malware Threat Intelligence events with IBM QRadar.

You must complete the following tasks:

  1. Download the QRadar Log Enhanced Event Format Creation script for your collection type from the ThreatGRID support website to your ThreatGRID appliance.
  2. On your ThreatGRID appliance, install and configure the script to poll the ThreatGRID API for events.
  3. On your QRadar appliance, configure a log source to collect events based on the script you installed on your ThreatGRID appliance.
  4. Ensure that no firewall rules block communication between your ThreatGRID installation and the QRadar Console or managed host that is responsible for retrieving events.