Before you can configure polling for the Incident Overview app, you must create an
authorized service token.
About this task
You must have QRadar®
administrator privileges to create an authorized service token.
Procedure
-
In the Incident Overview app window, click
Configure and Manage Authorized Services to open the
Manage Authorized Services window.
-
Click Add Authorized Service.
-
Add the relevant information in the following fields:
-
In the Service Name field, type a name for this authorized service. The
name can be up to 255 characters in length.
-
From the User Role list, select the Admin user
role.
-
From the Security Profile list, select the security profile that you
want to assign to this authorized service. The security profile determines the networks and log
sources that this service can access on the QRadar user interface.
-
In the Expiry Date list, type or select a date that you want this
service to expire. If an expiry date is not necessary, select No Expiry.
-
Click Create Service.
-
Click the row that contains the service that you created, select and copy the token string from
the Selected Token field in the menu bar, and close the Manage
Authorized Services window.
-
On the Admin tab, click Deploy Changes.
-
In the Incident Overview app window, click
Configure, and paste the authorized service token string into the
Authorization Token field.