IBM QRadar® Deployment
Intelligence needs
an Admin level SEC token to access REST API endpoints and for Ariel searches. After the app is
installed, you are redirected to a landing page that leads to the security token configuration
page.
About this task
QRadar on Cloud
administrators can learn how to add and manage authorized service tokens by reading Authorized service token. If you are a QRadar on Cloud
customer, contact Customer Support to create an authorized service token for you.
Procedure
-
From the QDI home page, click .
-
Follow the procedure on the SEC Token Update page by using the relevant
information in the following fields:
-
In the Label Service field, type a name for the authorized
service.
-
From the User Role list, select Admin.
-
From the Security Profile list, select
Admin.
-
In the Expiry Date list, type or select an expiry date for this service.
If you want uninterrupted data collection, select No Expiry.
-
Click Save.
-
Click the row that contains the service you created, select and copy the token string from the
Selected Token field in the menu bar, and close the Manage
Authorized Services window.
- On the Admin tab, click Deploy Changes.
-
Return to the SEC Token Update page and click Add SEC
Token.
-
Paste your SEC token and click Save.
Results
After you submit your SEC token, QRadar Deployment
Intelligence sets up the initial
database and host information schemas from initial API calls and Ariel searches. QRadar Deployment
Intelligence runs Daemon threads in
the background to collect information about your deployment. After the initial information about the
deployment is collected, the app redirects you to the QRadar Deployment
Intelligence dashboard.