Before you use the IBM®
QRadar® Threat Intelligence
dashboard, you must create an authentication token.
About this task
The Threat Intelligence dashboard is only available in IBM
QRadar Threat Intelligence 2.0.0 or later.
- From the navigation menu on the Threat Intelligence dashboard, click the App
Settings icon (
).
- Click To Settings Page.
- On the SEC Token tab, click Manage Authorized
Services. You must have QRadar administrator privileges to
access the page.
-
On the Manage Authorized Services page, click Add Authorized
Service.
-
Add the relevant information in the following fields and click Create
Service:
-
In the Service Name field, type a name for this authorized service. The
name can be up to 255 characters in length.
-
From the Security Profile list, select the security profile that you
want to assign to this authorized service. The security profile determines the networks and log
sources that this service can access on the QRadar user interface.
-
From the User Role list, select the Admin user
role.
Tip: If you're using QRadar Threat Intelligence on IBM QRadar on Cloud, you must use a SaaS
Admin token, and assign the Security Administrator role to your administrative users.
-
In the Expiry Date list, type or select a date that you want this
service to expire. If an expiry date is not necessary, select No Expiry.
- Click Create Service.
-
Click the row that contains the service you created and then select and copy the token string
from the Selected Token field in the menu bar.
- Paste the authorized service token string into the QRadar Authentication
Token field on the SEC Token tab.
-
Click to check Applied to Threat Feeds Downloader to apply the same
Authentication Token to the Threat Feeds Downloader page.
Note: The same Authentication Token settings are also applied to
when the
Applied to Threat Feeds Downloader is checked.
-
Click Save Configuration.