IBM Security QRadar SOAR Platform tutorials
Use the Tutorials to learn how to get the most out of IBM Security® QRadar® SOAR Platform capabilities.
Each tutorial is comprised of modules to help you accomplish broad goals, such as creating custom graphs. The lessons in each module can help you learn more about a specific capability.
There are two tutorials.
- Custom graphs
- You can create custom graphs to display the lifecycle of incidents over time, adding fields, custom fields, and filters to focus on the areas of greatest interest to your organization. For best results, you typically need to create some test graphs and variations to become familiar with the capabilities.
- Create new incidents or update existing incidents from incoming email
- You can configure the SOAR Platform to create new incidents or update existing incidents from incoming email. For example, you can configure the SOAR Platform to create or update incidents from email from SIEMs or network devices. You complete the configuration using a combination of rules and a script, setting required permissions, and configuring an inbound email connection in the SOAR interface.