/
Visualizing SOC Insights as Offense in the QRadar
Visualizing SOC Insights as Offense in the QRadar
- Shirly Tsang
Owned by Shirly Tsang
Aug 05, 2024
1 min read
Analytics
Loading data...
There will be a rule “Infoblox SOC Insights Rule” regularly monitoring the SOC Insights data ingested via API and data connector and it creates the offenses in the QRadar.
To see offense created via rule follow below steps.
Login to QRadar console.
Navigate to the Offenses tab.
Click on the All Offenses.
Here all the offenses will be displayed.
The SOC Insights offenses will have the description as “SOC Insights”. See below Image.
The recent comments fetched from the API will be added as part of the notes in the respective SOC Insights offense.
When the SOC Insight is closed, respective offense will be closed with the closing comment.
Related content
SOC Insights Overview
SOC Insights Overview
More like this
Viewing Insight Comments
Viewing Insight Comments
More like this
Viewing Insight Indicators
Viewing Insight Indicators
More like this
Prerequisites
Prerequisites
More like this