Configuring Red Hat Advanced Cluster Security for Kubernetes to communicate with IBM Security QRadar Log Insights

To send events to QRadar® Log Insights, you must add a new Generic Webhook integration.

Before you begin

You must have permission to access Generic Webhook Integrations in the Red Hat Advanced Cluster for Kubernetes application.

Procedure

  1. Log in to the Red Hat Advanced Cluster Security for Kubernetes application.
  2. From the navigation menu, select Platform Configuration > Integrations.
  3. In the Integrations window, click StackRox Generic Webhook.
  4. In the CONFIGURE GENERIC WEBHOOK NOTIFIER INTEGRATIONS window, click + NEW INTEGRATION.
  5. Type your integration name and endpoint in the Integration Name field.

    Use the following example as a guide:

    <QRadar+ Log Insights_URL:port>

  6. Click Create.

What to do next

HTTP Receiver data source parameters for Red Hat® Advanced Cluster Security for Kubernetes