Great video! As far as you know, is it possible to create an offense through script with APIs? Or generate a log event and configure a rule to generate an offense when that event is created?
Look in the second screen of the rules wizard and you will find options to launch an event when a rule triggers, then that event can trigger another rule
@@jbravovideos I have to launch an offense only if a condition checked in an action script is matched. But i think i will trigger an event through the script and then i will catch that event as an offense with a rule in QRadar. Thank you very much for your answer!
Just to let you know, you're the best Qradar teacher in RUclips! :)
Excellent, I am from Brazil!, Thanks
Thank you too!
Great video! As far as you know, is it possible to create an offense through script with APIs? Or generate a log event and configure a rule to generate an offense when that event is created?
Look in the second screen of the rules wizard and you will find options to launch an event when a rule triggers, then that event can trigger another rule
@@jbravovideos I have to launch an offense only if a condition checked in an action script is matched. But i think i will trigger an event through the script and then i will catch that event as an offense with a rule in QRadar.
Thank you very much for your answer!
Excellent
Thanks!!!
please can you share the course notes