Exporting reference sets
You can configure the QRadar® Advisor with Watson™ app to export reference sets to QRadar automatically.
Before you begin
You must have QRadar administrator privileges to export reference sets to QRadar.
About this task
Based on the analysis results from your Watson investigation, you can export malicious identifiers to reference sets in your QRadar system. Watson determines what is malicious by the observables that exceed both the default toxicity threshold and the default relevance threshold. Each time an export occurs, any new observables that are found are added to the relevant reference set.
If you automatically export reference sets, the results of the export contain observable types (configured on the Automatic Investigation page) that are sufficiently toxic and relevant from the highest investigated stage.
To manually export the reference set from the Relationship Graph page, see Viewing the relationship graph
For more information about Reference Sets in QRadar, see Reference sets overview.