Creating an authorized service token for QRadar Deployment Intelligence

IBM QRadar® Deployment Intelligence needs an Admin level SEC token to access REST API endpoints and for Ariel searches. After the app is installed, you are redirected to a landing page that leads to the security token configuration page.

About this task

QRadar on Cloud administrators can learn how to add and manage authorized service tokens by reading Authorized service token. If you are a QRadar on Cloud customer, contact Customer Support to create an authorized service token for you.

Procedure

  1. From the QDI home page, click Configuration > SEC Token Setup.
  2. Follow the procedure on the SEC Token Update page by using the relevant information in the following fields:
    1. In the Label Service field, type a name for the authorized service.
    2. From the User Role list, select Admin.
    3. From the Security Profile list, select Admin.
    4. In the Expiry Date list, type or select an expiry date for this service. If you want uninterrupted data collection, select No Expiry.
    5. Click Save.
  3. Click the row that contains the service you created, select and copy the token string from the Selected Token field in the menu bar, and close the Manage Authorized Services window.
  4. On the Admin tab, click Deploy Changes.
  5. Return to the SEC Token Update page and click Add SEC Token.
  6. Paste your SEC token and click Save.

Results

After you submit your SEC token, QRadar Deployment Intelligence sets up the initial database and host information schemas from initial API calls and Ariel searches. QRadar Deployment Intelligence runs Daemon threads in the background to collect information about your deployment. After the initial information about the deployment is collected, the app redirects you to the QRadar Deployment Intelligence dashboard.