Skip to main content
IBM QRadar

Learn how to integrate IBM's QRadar with Torq's automated workflows.

Updated over 5 months ago

Create a QRadar API Key

  1. Go to Admin > User Management > Authorized Services.

  2. Click Add Authorized Service.

  3. In Service Name, enter a unique and meaningful name such as Torq {workspacename} Key.

  4. Under User Role, select the role you want the Torq integration to use.

  5. Under Security Profile, select which networks and log sources you want the Torq integration to access.

  6. In the Expiry Date, select a date for the key to expire.

  7. Click Create Service.

  8. Copy the created token string and save it in a secure location.

  9. In the Admin tabe, click Deploy Changes.

  10. In Admin > Operations, click QRadar Operations.

  11. Paste the token string you created earlier into SEC Token and click Save.

Create a QRadar Integration in Torq

  1. Go to Build > Integrations > Steps > IBM QRadar and click Add.

  2. Give the integration a unique and meaningful name.

  3. Paste the token you created earlier.

  4. Enter your IBM QRadar Base URL, including the prefix (e.g "https://").

  5. Enter the IBM QRadar API version that will be used to run the IBM QRadar steps in Torq. For more information about IBM QRadar versions, see here.

  6. Click Add.

Did this answer your question?