Understanding capabilities of the QRadar RESTful API (Python)

Long story short, I just started interning for a company in the IT SecOps department. I've only been exposed to SIEM applications and others like them for the past four days, so I'm still attempting to understand its capabilities. My intent is to script processes to make my boss's life easier on a daily basis. My question specifically is about providing input to QRadar so it can hopefully generate an offense.

After that rant of nonsense, my question is: what sort of file format should I use to communicate with QRadar? My plan was to create syslogs full of the information that can then be understood and interpreted using the API.

I don't know if this is even possible, as the RESTful API documentation is a little bit on the side of horrendous and I'm completely new to this field.

Thanks to all who took the time to read this, as it isn't your average StackOverflow post and is quite off the wall. Any insight or information you could give me about the API would be much appreciated!

Thanks a million.

Sincerely, a confused soul

P.S. I know the tags are terrible, so I don't expect much input.
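The question above mixes two separate channels, so here is a worked example that keeps them apart. Events reach QRadar through its log sources (typically syslog on UDP or TCP port 514 to an event collector), not through the REST API; the REST API is for reading what QRadar has already done with those events, such as listing offenses. The code below is an added illustration written for this page, not code from the question, from IBM, or from any QRadar SDK. It builds an RFC 5424 syslog line, sends it to a collector, and then lists open offenses with the `SEC` token header on `/api/siem/offenses`. The host names, the token, the log-source address and the sample failed-login message are constructed placeholders; the QRadar header and endpoint names are the documented ones, but the filter expression and any JSON field names you read from the response should be checked against the API docs of the installed version.

```python
"""Feed a test event to a QRadar event collector over syslog, then read back
offenses via the REST API.  Added example for this page; all host names,
tokens and sample events are constructed placeholders."""
import json
import socket
import urllib.parse
import urllib.request
from datetime import datetime, timezone

# RFC 5424 facility/severity codes used to compute the <PRI> prefix.
FACILITY_AUTH = 4        # security/authorization messages
SEVERITY_WARNING = 4


def build_syslog_message(hostname, app_name, message,
                         facility=FACILITY_AUTH, severity=SEVERITY_WARNING,
                         timestamp=None, structured_data="-"):
    """Return one RFC 5424 syslog line.

    Layout: <PRI>VERSION TIMESTAMP HOSTNAME APP-NAME PROCID MSGID SD MSG.
    PROCID and MSGID are sent as NILVALUE ("-"); a fixed timestamp can be
    passed in so the output is reproducible in tests.
    """
    pri = facility * 8 + severity
    ts = timestamp or datetime.now(timezone.utc)
    ts_text = (ts.astimezone(timezone.utc)
               .isoformat(timespec="milliseconds")
               .replace("+00:00", "Z"))
    return f"<{pri}>1 {ts_text} {hostname} {app_name} - - {structured_data} {message}"


def parse_pri(line):
    """Decode the <PRI> prefix back into (facility, severity).

    Useful for checking what a generated line will be classified as before
    it is pointed at a real collector.
    """
    if not line.startswith("<") or ">" not in line:
        raise ValueError("not a syslog line with a <PRI> prefix")
    pri = int(line[1:line.index(">")])
    return pri // 8, pri % 8


def send_syslog_udp(line, collector_host, collector_port=514):
    """Send one syslog line to the event collector over UDP.

    The log source in QRadar must already exist (or auto-discovery must be
    enabled) for the event to be parsed rather than stored as unknown.
    """
    payload = line.encode("utf-8")
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(payload, (collector_host, collector_port))
    return len(payload)


def list_offenses(console_host, api_token, only_open=True, timeout=15):
    """GET /api/siem/offenses with the SEC token header.

    TLS verification is left at urllib's default (on); if the console uses
    a private CA, install that CA rather than disabling verification.
    """
    url = f"https://{console_host}/api/siem/offenses"
    if only_open:
        # QRadar's filter parameter takes a simple field="value" expression.
        url += "?" + urllib.parse.urlencode({"filter": 'status="OPEN"'})
    req = urllib.request.Request(
        url, headers={"SEC": api_token, "Accept": "application/json"})
    with urllib.request.urlopen(req, timeout=timeout) as resp:
        return json.load(resp)


if __name__ == "__main__":
    # Constructed sample: a failed SSH login as a Linux host would log it.
    event = build_syslog_message(
        hostname="ws-lab-01", app_name="sshd",
        message="Failed password for alice from 10.0.0.5 port 51234 ssh2")
    print(event)
    print("facility/severity:", parse_pri(event))
    # Placeholders below; fill in from your own environment before running.
    # send_syslog_udp(event, "qradar-collector.example.internal")
    # print(list_offenses("qradar-console.example.internal", "<SEC token>"))
```

Send a handful of messages that match an existing rule (repeated authentication failures from one source is the usual first test), wait for the rule's time window to elapse, and only then poll `list_offenses`; an event that arrives but is not parsed by a log source extension will show up as a stored event and never raise an offense, which is the most common reason this workflow appears not to work.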
