How To
Summary
This article provides information on how to configure DNS resolution for custom action scripts.
Objective
This document can help you configure hostnames instead of IP address of systems present in your QRadar® for Custom Action Scripts. Adding hostnames can be useful for:
-Custom Action Scripts
-API Calls
Steps
- Log in to the QRadar Console on the command-line interface.
- Run the following command to back up your existing resolv.conf file:
cp -v /opt/qradar/bin/ca_jail/etc/resolv.conf /root/resolv.conf - To add the Domain Name and associated IP address to this file, make note of the format, and run the following command:
echo "Domain_Name 127.0.0.1" >> /opt/qradar/bin/ca_jail/etc/resolv.confThe new definition is added to the end of the file. Make sure you have two > characters, or you overwrite the file. If this happens, copy the original file back from step 2. -
Perform a Full Deploy from the QRadar GUI.
Results:
After the deployment, the config change is complete. The administrators can repeat this process for any other hosts.
Document Location
Worldwide
[{"Type":"MASTER","Line of Business":{"code":"LOB24","label":"Security Software"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSBQAC","label":"IBM Security QRadar SIEM"},"ARM Category":[{"code":"a8m0z000000cwthAAA","label":"Offenses"},{"code":"a8m0z000000cwtmAAA","label":"Reports"}],"ARM Case Number":"TS008298804","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Versions"}]
Was this topic helpful?
Document Information
Modified date:
08 March 2022
UID
ibm16552876