Configuring Red Hat Advanced Cluster Security for Kubernetes to communicate with QRadar

To send events to IBM QRadar, you must add a new Generic Webhook integration.

Before you begin

You must have permission to access Generic Webhook Integrations in the Red Hat Advanced Cluster for Kubernetes application.

Procedure

  1. Log in to the Red Hat Advanced Cluster Security for Kubernetes application.
  2. From the navigation menu, select Platform Configuration > Integrations.
  3. In the Integrations window, click StackRox Generic Webhook.
  4. In the CONFIGURE GENERIC WEBHOOK NOTIFIER INTEGRATIONS window, click + NEW INTEGRATION.
  5. Type your integration name and endpoint in the Integration Name field.

    Use the following example as a guide:

    <URL to QRadar Box:<Port of Integration>

  6. Click Create.

What to do next

HTTP Receiver log source parameters for Red Hat® Advanced Cluster Security for Kubernetes