Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident.
IBM Security QRadar SOAR
- Details
- Content
- Dependencies
- Version History
Case management that enables visibility across your tools for continual IR improvement
Automations
| Name | Description |
|---|---|
| IbmAddNote | |
| IbmAddTask | Use this script to add a task to an IBM QRadar SOAR incident. |
| IbmConvertTasksToTable | This script is used to convert IBM QRadar SOAR tasks to a markdown table. |
| IbmConvertArtifactsToTable | This script is used to format IBM QRadar SOAR Artifacts into a markdown table. |
| IbmConvertCommentsToTable | This script is used to convert IBM QRadar SOAR notes to a markdown table. |
| IbmUpdateTask | Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident. |
| IbmUploadAttachment | Use this script to upload an attachment to an IBM QRadar SOAR incident. This script should be run within an incident. |
| IbmConvertAttachmentsToTable | This script is used to convert IBM QRadar SOAR attachments to a markdown table. |
| IbmUpdateNote | Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident. |
Classifiers
| Name | Description |
|---|---|
IBM QRadar SOAR - Classifier | |
IBM QRadar SOAR Incoming Mapper | |
IBM QRadar SOAR Outgoing Mapper |
Incident Fields
| Name | Description |
|---|---|
IBM Security QRadar SOAR Attachments | Incident attachments |
IBM Security QRadar SOAR Criminal Activity | |
IBM Security QRadar SOAR Discovered Date | |
IBM Security QRadar SOAR Phase | |
IBM Security QRadar SOAR Reporter Name | |
IBM Security QRadar SOAR Notes | |
IBM Security QRadar SOAR Resolution | |
IBM Security QRadar SOAR Artifacts | Incident artifacts |
IBM Security QRadar SOAR Resolution Summary | |
IBM Security QRadar SOAR Exposure Type | |
IBM Security QRadar SOAR NIST Attack Vectors | |
IBM Security QRadar SOAR Negative PR | |
IBM Security QRadar SOAR Name | |
IBM Security QRadar SOAR Tasks |
Incident Types
| Name | Description |
|---|---|
IBM QRadar SOAR Incident |
Integrations
| Name | Description |
|---|---|
| IBM Security QRadar SOAR | Case management that enables visibility across your tools for continual IR improvement. |
Layouts
| Name | Description |
|---|---|
IBM QRadar SOAR Incident |
Automations
| Name | Description |
|---|---|
| IbmConvertArtifactsToTable | This script is used to format IBM QRadar SOAR Artifacts into a markdown table. |
| IbmConvertTasksToTable | This script is used to convert IBM QRadar SOAR tasks to a markdown table. |
| IbmUpdateTask | Use this script to add a note entry in Cortex XSIAM, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident. |
| IbmConvertCommentsToTable | This script is used to convert IBM QRadar SOAR notes to a markdown table. |
| IbmAddNote | Use this script to add a note entry in Cortex XSIAM, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident. |
| IbmAddTask | Use this script to add a task to an IBM QRadar SOAR incident. |
| IbmConvertAttachmentsToTable | This script is used to convert IBM QRadar SOAR attachments to a markdown table. |
| IbmUpdateNote | Use this script to add a note entry in Cortex XSIAM, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident. |
| IbmUploadAttachment | Use this script to upload an attachment to an IBM QRadar SOAR incident. This script should be run within an incident. |
Classifiers
| Name | Description |
|---|---|
IBM QRadar SOAR - Classifier | |
IBM QRadar SOAR Outgoing Mapper | |
IBM QRadar SOAR Incoming Mapper |
Incident Fields
| Name | Description |
|---|---|
IBM Security QRadar SOAR Attachments | Incident attachments |
IBM Security QRadar SOAR Tasks | |
IBM Security QRadar SOAR Phase | |
IBM Security QRadar SOAR Name | |
IBM Security QRadar SOAR Exposure Type | |
IBM Security QRadar SOAR Criminal Activity | |
IBM Security QRadar SOAR Artifacts | Incident artifacts |
IBM Security QRadar SOAR Resolution Summary | |
IBM Security QRadar SOAR Notes | |
IBM Security QRadar SOAR NIST Attack Vectors | |
IBM Security QRadar SOAR Reporter Name | |
IBM Security QRadar SOAR Negative PR | |
IBM Security QRadar SOAR Discovered Date | |
IBM Security QRadar SOAR Resolution |
Incident Types
| Name | Description |
|---|---|
IBM QRadar SOAR Incident |
Integrations
| Name | Description |
|---|---|
| IBM Security QRadar SOAR | Case management that enables visibility across your tools for continual IR improvement. |
Layouts
| Name | Description |
|---|---|
IBM QRadar SOAR Incident |
Required Content Packs (3)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
Optional Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Common Types | By: Cortex XSOAR |
All level dependencies (4)
| Pack Name | Pack By |
|---|---|
| Cortex REST API | By: Cortex XSOAR |
| Common Scripts | By: Cortex XSOAR |
| Base | By: Cortex XSOAR |
| Filters And Transformers | By: Cortex XSOAR |
1.2.0 - 1419889 (September 23, 2024)
- 35286
Download
Classifiers
New: IBM QRadar SOAR - Classifier
Classified new IBM QRadar SOAR incidents.
Incident Fields
New: IBM Security QRadar SOAR Artifacts
New field.New: IBM Security QRadar SOAR Attachments
New field.New: IBM Security QRadar SOAR Criminal Activity
New field.New: IBM Security QRadar SOAR Discovered Date
New field.New: IBM Security QRadar SOAR Exposure Type
New field.New: IBM Security QRadar SOAR Name
New field.
New: IBM Security QRadar SOAR NIST Attack Vectors
New field.New: IBM Security QRadar SOAR Negative PR
New field.New: IBM Security QRadar SOAR Notes
New field.New: IBM Security QRadar SOAR Phase
New field.New: IBM Security QRadar SOAR Reporter Name
New field.New: IBM Security QRadar SOAR Resolution
New field.New: IBM Security QRadar SOAR Resolution Summary
New field.New: IBM Security QRadar SOAR Tasks
New field.
Incident Types
- New: IBM QRadar SOAR Incident
New: Created a new incident type.
Integrations
IBM Security QRadar SOAR
- Renamed integration from 'IBM Resilient Systems' -> 'IBM Security QRadar SOAR'
- Breaking Change Username & password authentication is deprecated. API Key ID & Secret are now required to be configured if not configured already.
- Added support for mirroring incidents, tasks, notes, attachments, and artifacts.
- Added the following new commands:
-rs-get-attachment
-rs-add-custom-task
-rs-upload-incident-attachment
-rs-delete-incidents
-rs-list-incident-notes
-rs-update-incident-note
-rs-list-tasks
-rs-update-task
-rs-get-task-members
-rs-delete-task-members
-rs-list-task-instructions
-rs-list-scripts - Updated the Docker image to: demisto/resilient:2.0.0.112034.
Layouts
- New: IBM QRadar SOAR Incident
Added a new layout for IBM QRadar SOAR Incident type. Available from Cortex XSOAR 6.0.0.
Mappers
New: IBM QRadar SOAR Incoming Mapper
Added a new incoming mapper from IBM QRadar SOAR Incident type to Cortex XSOAR incident. Available from Cortex XSOAR 6.0.0.
New: IBM QRadar SOAR Outgoing Mapper
Added a new outgoing mapper from a Cortex XSOAR incident to an IBM QRadar SOAR incident. Available from Cortex XSOAR 6.0.0.
Scripts
New: IbmAddNote
- New: Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident.
- New: Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident.
New: IbmAddTask
- New: Use this script to add a task to an IBM QRadar SOAR incident.
- New: Use this script to add a task to an IBM QRadar SOAR incident.
New: IbmConvertArtifactsToTable
- New: This script is used to format IBM QRadar SOAR Artifacts into a markdown table.
- New: This script is used to format IBM QRadar SOAR Artifacts into a markdown table.
New: IbmConvertAttachmentsToTable
- New: This script is used to convert IBM QRadar SOAR notes to a markdown table.
- New: This script is used to format IBM QRadar SOAR attachments to a markdown table.
New: IbmConvertCommentsToTable
- New: This script is used to convert IBM QRadar SOAR notes to a markdown table.
- New: This script is used to convert IBM QRadar SOAR notes to a markdown table.
New: IbmConvertTasksToTable
- New: This script is used to convert IBM QRadar SOAR notes to a markdown table.
- New: This script is used to convert IBM QRadar SOAR tasks to a markdown table.
New: IbmUpdateNote
- New: Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident.
- New: Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident.
New: IbmUpdateTask
- New: Use this script to add a note entry in Cortex XSOAR, which will then be mirrored as a note to an IBM QRadar SOAR incident. This script should be run within an incident.
- New: Use this script to add a task to an IBM QRadar incident.
New: IbmUploadAttachment
- New: Use this script to upload an attachment to an IBM QRadar SOAR incident. This script should be run within an incident.
- New: Use this script to upload an attachment to an IBM QRadar SOAR incident.
- 35286
Download
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | June 30, 2020 | |
| Last Release | September 23, 2024 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
