Configuring IBM Security Guardium Insights to communicate with the QRadar platform

To send alerts from IBM Security Guardium® Insights to the QRadar® platform, you need to generate an OAuth client or an API access key.

Before you begin

To generate OAuth clients or API access keys, you need Administrator or Access Manager role permissions.

Procedure

  1. Optional: If you use the SaaS version of IBM Security Guardium Insights, complete the steps for Registering OAuth client applications (https://ibmdocs-test.dcs.ibm.com/docs/en/SSWSZ5_saas_test?topic=clients-registering-oauth-client-applications)
    Important: Record the OAuth client (client ID) and Secret OAuth client (client secret) values. You need these values when you configure a data source in the QRadar platform.
  2. Optional: If you do not use the SaaS version of IBM Security Guardium Insights, complete the steps for Administering API keys (https://www.ibm.com/docs/en/guardium-insights/3.2.x?topic=administering-api-keys)
    Important: Record the API key and Secret API key values. You need these values when you configure a data source in the QRadar platform.

What to do next

Add a IBM Security Guardium Insights data source that uses the Universal Cloud REST API connector. For more information about adding a data source, see Adding ingestion data sources.