Integrate RevealX 360 with QRadar

This integration enables you to view metrics from RevealX 360 in IBM Security QRadar to gain behavioral insights about your environment.

To configure this integration, you must create QRadar credentials and then add them to the configuration of the ExtraHop App for QRadar.

System requirements

ExtraHop RevealX 360

  • Your user account must have privileges on RevealX 360 for System and Access Administration.
  • Your RevealX 360 system must be connected to an ExtraHop sensor with firmware version 8.8 or later.
  • Your RevealX 360 system must be connected to ExtraHop Cloud Services.

QRadar

  • You must have IBM Security QRadar version 7.4.1 FP2 or later.

Create QRadar integration credentials

  1. Log in to RevealX 360.
  2. Click the System Settings icon and then click Integrations.
  3. Click the IBM Security QRadar tile.
  4. Click Create Credential.
    The page displays the generated ID and secret.
  5. (Optional): If you have already created a credential for REST API access, you can apply it to the integration. Click Select Existing Credential, select a credential from the drop-down list and then click Select.
  6. Copy and store the ID and secret, which you will need to configure the ExtraHop App for QRadar.
  7. Click Done.
The credential is also added to the ExtraHop REST API Credentials page where you can view the credential status, copy the ID, or delete the credential.

Install and configure the ExtraHop App for QRadar

  1. Download the ExtraHop App for QRadar from the IBM App Exchange site.
  2. In the right panel of the download site, click View next to Documentation to download a PDF of the app user guide.
  3. Install and configure the add-on according to the instructions in the user guide.
  4. In the following configuration fields, enter the credentials you created and copied for the QRadar integration:
    • Authentication ID
    • Secret Key

Next steps

Export RevealX 360 metrics and view them in QRadar according to the instructions in the ExtraHop App for QRadar user guide.

Last modified 2024-05-15