SAP Enterprise Threat Detection

The IBM® QRadar® SAP Enterprise Threat Detection Content Extension adds new custom event properties.

Important: To avoid content errors in this content extension, keep the associated DSMs up to date. DSMs are updated as part of the automatic updates. If automatic updates are not enabled, download the most recent version of the associated DSMs from IBM Fix Central (https://www.ibm.com/support/fixcentral).

IBM Security QRadar SAP Enterprise Threat Detection Content Extension

IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.2
IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.1
IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.0

IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.2

The ID of the Score custom property is updated in IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.2. Delete the Score custom property before installing 1.0.2.

_{(Back to top)}

IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.1

The following table shows the custom properties that were updated in IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.1.

Table 1. Updated Custom Properties in IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.1
Name	Optimized	Capture Group	Regex
Message	No	1	Text=(.*?)\t

_{(Back to top)}

IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.0

The following table shows the custom properties in IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.0.

Table 2. Custom Properties in IBM Security QRadar SAP Enterprise Threat Detection Content Extension 1.0.0
Name	Optimized	Capture Group	Regex
Event Detail Link	No	1	UiLink=(.*?)\t
Message	No	1	Text=(.*?)\t
Score	No	1	Measurement=(.*?)\t

_{(Back to top)}