Creating an authorized service token

IBM QRadar requires that you use an authentication token to authenticate the API calls made by the IBM QRadar Event and Flow Exporter. Use the Manage Authorized Services page on the Admin tab to create an authorized service token.

QRadar on Cloud administrators can learn how to add and manage authorized service tokens by reading https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.qradar.doc/c_qrocss_manageauthservices.html.

If you're a

QRadar on Cloud

customer, contact Customer Support to create an authorized service token for you.
  1. On the Admin tab, click System Configuration > User Management > Authorized Services.
  2. In the Authorized Service Management window, click Add.
  3. Add the relevant information in the following fields and click Create Service:
    1. In the Service Name field, type a name for this authorized service. The name can be up to 255 characters in length.
    2. From the Security Profile list, select the security profile to assign to this authorized service. The security profile determines the networks and log sources that this service can access on QRadar.
    3. From the User Role list, select Admin.
    4. In the Expiry Date list, type or select the date for this service to expire. If an expiry date is not necessary, select No Expiry.
    5. Click Save.
  4. Select and copy the token string into a text editor, click Close, and exit the Authorized Service Management window.
Configuring QRadar Event and Flow Exporter