Creating an authorized service token

Before you can configure polling for the Incident Overview app, you must create an authorized service token.

About this task

You must have QRadar® administrator privileges to create an authorized service token.

Procedure

  1. In the Incident Overview app window, click Configure and Manage Authorized Services to open the Manage Authorized Services window.
  2. Click Add Authorized Service.
  3. Add the relevant information in the following fields:
    1. In the Service Name field, type a name for this authorized service. The name can be up to 255 characters in length.
    2. From the User Role list, select the Admin user role.
    3. From the Security Profile list, select the security profile that you want to assign to this authorized service. The security profile determines the networks and log sources that this service can access on the QRadar user interface.
    4. In the Expiry Date list, type or select a date that you want this service to expire. If an expiry date is not necessary, select No Expiry.
  4. Click Create Service.
  5. Click the row that contains the service that you created, select and copy the token string from the Selected Token field in the menu bar, and close the Manage Authorized Services window.
  6. On the Admin tab, click Deploy Changes.
  7. In the Incident Overview app window, click Configure, and paste the authorized service token string into the Authorization Token field.