Configuring the authorization token
Before you use the IBM® QRadar® Threat Intelligence dashboard, you must create an authentication token.
The Threat Intelligence dashboard is only available in IBM QRadar Threat Intelligence 2.0.0 or later.
About this task
- From the navigation menu on the Threat Intelligence dashboard, click the App Settings icon ().
- Click To Settings Page.
- On the SEC Token tab, click Manage Authorized Services. You must have QRadar administrator privileges to access the page.
- On the Manage Authorized Services page, click Add Authorized Service.
Add the relevant information in the following fields and click Create
- In the Service Name field, type a name for this authorized service. The name can be up to 255 characters in length.
- From the Security Profile list, select the security profile that you want to assign to this authorized service. The security profile determines the networks and log sources that this service can access on the QRadar user interface.
From the User Role list, select the Admin user
Tip: If you're using QRadar Threat Intelligence on IBM QRadar on Cloud, you must use a SaaS Admin token, and assign the Security Administrator role to your administrative users.
- In the Expiry Date list, type or select a date that you want this service to expire. If an expiry date is not necessary, select No Expiry.
- Click Create Service.
- Click the row that contains the service you created and then select and copy the token string from the Selected Token field in the menu bar.
- Paste the authorized service token string into the QRadar Authentication Token field on the SEC Token tab.
Click to check Applied to Threat Feeds Downloader to apply the same
Authentication Token to the Threat Feeds Downloader page. Note: The same Authentication Token settings are also applied to when the Applied to Threat Feeds Downloader is checked.
- Click Save Configuration.
Configure a secure proxy server.