IBM Support

QRadar: API Examples / Sample Code and API FAQ

Question & Answer


Where do I find the API sample code that is published with each version of QRadar?


1. Is there a repository for QRadar API code samples?

QRadar API samples are stored in a GitHub repository for each version of QRadar. As new versions of QRadar are released, a new link will be posted with code samples to help customers leverage APIs and features.

Master list of API samples

2. Where do I run the code samples?

API sample scripts downloaded from the GitHub page should not be run directly on a QRadar appliance. The code samples downloaded from the GitHub page are intended to run on an outside system to poll data from QRadar. QRadar does not run Python 3.3 and the requirements for Python 3.3 is intended for the outside host that is running the code samples. QRadar cannot be upgraded to Python 3.3 as this will cause system-wide issues. Administrators should never be installing any RPMs on their QRadar Console, unless the files come from IBM Fix Central.

    Figure 1: Image displays that the code samples never run on QRadar, but instead an external host

3. What are the requirements to run the code samples?
API code sample version
QRadar Requirements
Requirements for external host
Samples 7.2.1 QRadar 7.2.1 (any patch level) Python 3.3
Samples 7.2.2 QRadar 7.2.2 (any patch level) Python 3.3
Samples 7.2.3 QRadar 7.2.3 (any patch level) Python 3.3
QRadar 7.2.4 QRadar 7.2.4 (any patch level) Python 3.3
QRadar 7.2.5 QRadar 7.2.5 (any patch level) Python 3.3
QRadar 7.2.6 QRadar 7.2.6 (any patch level) Python 3.3
QRadar 7.2.7 QRadar 7.2.7 (any patch level) Python 3.3

4. Are the code samples are specific to your QRadar version?

Yes. Users can verify the software version on the Console from the Dashboard tab, by selecting the Help > About. Users and administrators should download the appropriate code samples for the QRadar version. A branch is created for each QRadar version and users can download the specific branch for their QRadar version.

    Figure 2: Select the proper branch to download API samples specific to your QRadar version.

5. When are new code samples posted?

As major QRadar updates are released, new code samples will be attached to this article to help customers leverage new API features.

6. How do I get help?

If you have a question, comments, ideas, or feedback, you can open a new question in the dW Answers forum using the tags: qradar and API.

If you have issues with the API code samples for a specific QRadar version, you can raise an issue directly from the GitHub user interface. When you create an issue, GitHub directly emails the developer with your comments so any defects can be reviewed in more detail.

    Figure 3: GitHub report issue button to get assistance with software posted to the IBM GitHub page.

7. Do the samples work with different operating systems?

Yes, we have tried the code samples posted below on Windows, Apple OSx, and Linux. If you have an issue with a specific operating system and our GitHub samples, open an issue in GitHub to let us know.


[{"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Admin Console","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0;7.1;7.2","Edition":"All Editions","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
10 May 2019