Configuring Onapsis Security Platform to communicate with QRadar

To collect events from Onapsis Security Platform, you must add a connector and an alarm profile.

About this task

Alarm profiles configure the Onapsis Security Platform to automatically take action when an incident is observed.

Procedure

  1. Log in to Onapsis Security Platform.
  2. Click the Gear icon.
  3. Click Settings.
  4. From Connectors Settings, click Add to include a new connector.
  5. Click Respond > Alarm Profiles.
  6. Add new alarm profile.
    1. Select Alarm Type and Severity.
    2. Type the name and the description.
    3. Select the target from the Assets List or Tags List.
      The lists are mutually exclusive.
    4. Add a condition for when the alarm is triggered
    5. To add an action that runs when the alarm is triggered, click Action.
    6. Select the QRadar® connector that was created in step 4.