IBM Security QRadar Version Customizing the Right-Click Menu Technical Note

Similar documents
IBM Security QRadar Version Forwarding Logs Using Tail2Syslog Technical Note

IBM emessage Version 8.x and higher. Account Startup Overview

Installing Watson Content Analytics 3.5 Fix Pack 1 on WebSphere Application Server Network Deployment 8.5.5

Platform LSF Version 9 Release 1.1. Migrating on Windows SC

Build integration overview: Rational Team Concert and IBM UrbanCode Deploy

Platform LSF Version 9 Release 1.3. Migrating on Windows SC

IBM License Metric Tool Enablement Guide

Using application properties in IBM Cúram Social Program Management JUnit tests

IBM LoadLeveler Version 5 Release 1. Documentation Update: IBM LoadLeveler Version 5 Release 1 IBM

IBM Cloud Object Storage System Version Time Synchronization Configuration Guide IBM DSNCFG_ K

IBM Storage Driver for OpenStack Version Installation Guide SC

CONFIGURING SSO FOR FILENET P8 DOCUMENTS

Version 9 Release 0. IBM i2 Analyst's Notebook Premium Configuration IBM

IBM FlashSystem V MTM 9846-AC3, 9848-AC3, 9846-AE2, 9848-AE2, F, F. Quick Start Guide IBM GI

Version 9 Release 0. IBM i2 Analyst's Notebook Configuration IBM

IBM Cognos Dynamic Query Analyzer Version Installation and Configuration Guide IBM

IBM Spectrum LSF Process Manager Version 10 Release 1. Release Notes IBM GI

Tivoli Access Manager for Enterprise Single Sign-On

Migrating Classifications with Migration Manager

IBM Storage Driver for OpenStack Version Installation Guide SC

IBM Storage Driver for OpenStack Version Release Notes

Getting Started with InfoSphere Streams Quick Start Edition (VMware)

IBM OpenPages GRC Platform Version 7.0 FP2. Enhancements

iscsi Configuration Manager Version 2.0

IBM FlashSystem V Quick Start Guide IBM GI

IBM Operational Decision Manager Version 8 Release 5. Configuring Operational Decision Manager on Java SE

Networking Bootstrap Protocol

IBM OpenPages GRC Platform - Version Interim Fix 1. Interim Fix ReadMe

IBM Financial Transactions Repository Version IBM Financial Transactions Repository Guide IBM

IBM Storage Management Pack for Microsoft System Center Operations Manager (SCOM) Version Release Notes

Customizing the Right-Click Menu

IBM Operational Decision Manager. Version Sample deployment for Operational Decision Manager for z/os artifact migration

IBM UrbanCode Cloud Services Security Version 3.0 Revised 12/16/2016. IBM UrbanCode Cloud Services Security

IBM Kenexa LCMS Premier on Cloud. Release Notes. Version 9.3

Best practices. Starting and stopping IBM Platform Symphony Developer Edition on a two-host Microsoft Windows cluster. IBM Platform Symphony

IBM Security QRadar Version 7 Release 3. Community Edition IBM

Version 1 Release 1 November IBM Social Marketing Solution Pack User's Guide IBM

IBM Endpoint Manager Version 9.1. Patch Management for Ubuntu User's Guide

IBM Storage Device Driver for VMware VAAI. Installation Guide. Version 1.1.0

IBM Maximo for Service Providers Version 7 Release 6. Installation Guide

IBM Maximo Calibration Version 7 Release 5. Installation Guide

IBM XIV Provider for Microsoft Windows Volume Shadow Copy Service. Version 2.3.x. Installation Guide. Publication: GC (August 2011)

Migrating on UNIX and Linux

IBM Geographically Dispersed Resiliency for Power Systems. Version Release Notes IBM

IBM. IBM i2 Enterprise Insight Analysis Understanding the Deployment Patterns. Version 2 Release 1 BA

IBM. Networking INETD. IBM i. Version 7.2

IBM Spectrum LSF Version 10 Release 1. Readme IBM

IBM Storage Driver for OpenStack Version Release Notes

IBM i2 ibridge 8 for Oracle

Integrating IBM Rational Build Forge with IBM Rational ClearCase and IBM Rational ClearQuest

Proposal for a Tivoli Storage Manager Client system migration from Solaris with VxFS to Linux with GPFS or AIX with GPFS or JFS2

Netcool/Impact Version Release Notes GI

Version 2 Release 1. IBM i2 Enterprise Insight Analysis Understanding the Deployment Patterns IBM BA

IBM Netcool/OMNIbus 8.1 Web GUI Event List: sending NodeClickedOn data using Netcool/Impact. Licensed Materials Property of IBM

Determining dependencies in Cúram data

Development tools System i5 Debugger

IBM. Avoiding Inventory Synchronization Issues With UBA Technical Note

Integrated use of IBM WebSphere Adapter for Siebel and SAP with WPS Relationship Service. Quick Start Scenarios

Limitations and Workarounds Supplement

IBM Operations Analytics - Log Analysis: Network Manager Insight Pack Version 1 Release 4.1 GI IBM

Application and Database Protection in a VMware vsphere Environment

Installing on Windows

Version 1.2 Tivoli Integrated Portal 2.2. Tivoli Integrated Portal Customization guide

ios 9 support in IBM MobileFirst Platform Foundation IBM

Tivoli Access Manager for Enterprise Single Sign-On

IBM Maximo for Aviation MRO Version 7 Release 6. Installation Guide IBM

IBM Storage Management Pack for Microsoft System Center Operations Manager (SCOM) Version Release Notes IBM

IBM. Business Process Troubleshooting. IBM Sterling B2B Integrator. Release 5.2

Best practices. Reducing concurrent SIM connection requests to SSM for Windows IBM Platform Symphony

System i. Networking RouteD. Version 5 Release 4

IBM Maximo Calibration Version 7 Release 6. Installation Guide

IBM Copy Services Manager Version 6 Release 1. Release Notes August 2016 IBM

IBM Content Analytics with Enterprise Search Version 3.0. Expanding queries and influencing how documents are ranked in the results

IBM Rational DOORS Installing and Using the RQM Interface Release 9.2

IBM Cloud Orchestrator. Content Pack for IBM Endpoint Manager for Software Distribution IBM

Contents. Configuring AD SSO for Platform Symphony API Page 2 of 8

IBM Maximo Spatial Asset Management Version 7 Release 5. Installation Guide

IBM. Release Notes November IBM Copy Services Manager. Version 6 Release 1

Best practices. Linux system tuning for heavilyloaded. IBM Platform Symphony

IBM ATLAS POLICY SUITE V6.0.3 FIX PACK 4 README. Release Date: December 05, 2016

IBM OpenPages GRC Platform Version Interim Fix 5. Interim Fix ReadMe

IBM Rational Development and Test Environment for System z Version Release Letter GI

IBM Tivoli Directory Server Version 5.2 Client Readme

IBM Tealeaf UI Capture j2 Version 2 Release 1 May 15, IBM Tealeaf UI Capture j2 Release Notes

Rational Focal Point Technical Overview 2(15)

IBM Directory Integrator 5.1.2: Readme Addendum

IBM WebSphere Sample Adapter for Enterprise Information System Simulator Deployment and Testing on WPS 7.0. Quick Start Scenarios

IBM XIV Host Attachment Kit for HP-UX Version Release Notes

A Quick Look at IBM SmartCloud Monitoring. Author: Larry McWilliams, IBM Tivoli Integration of Competency Document Version 1, Update:

Implementing Enhanced LDAP Security

IBM Storage Host Attachment Kit for HP-UX Version Release Notes IBM

Release Notes. IBM Security Identity Manager GroupWise Adapter. Version First Edition (September 13, 2013)

ServeRAID-MR10i SAS/SATA Controller IBM System x at-a-glance guide

IBM XIV Host Attachment Kit for HP-UX Version Release Notes

Release Notes. IBM Tivoli Identity Manager Rational ClearQuest Adapter for TDI 7.0. Version First Edition (January 15, 2011)

Tivoli Access Manager for Enterprise Single Sign-On

Printing Systems Division. Infoprint Manager for AIX NLV Release Notes

IBM Optim. Compare Introduction. Version7Release3

IBM Rational Synergy DCM-GUI

Setting Up Swagger UI for a Production Environment

Transcription:

IBM Security QRadar Version 7.2.0 Technical Note

Note: Before using this information and the product that it supports, read the information in Notices and Trademarks on page 3. Copyright IBM Corp. 2012, 2013 All Rights Reserved US Government Restricted Rights - Use, duplication or disclosure restricted by GSA ADP Schedule Contract with IBM Corp.

CONTENTS 1 QRADAR RIGHT-CLICK MENU Customizing The Right-Click Menu....................................... 1 A NOTICES AND TRADEMARKS Notices.............................................................3 Trademarks......................................................... 5

1 QRADAR RIGHT-CLICK MENU You can right-click any IP address in the IBM Security QRadar interface to access additional details for the selected IP address. For information on the options available with the right-click menu, see the QRadar Log Manager Users Guide. You can customize the options that appear in right-click menus in QRadar. Customizing these menu options using a plug-in Application Programming Interface (API). You can add additional items, such as an option to scan the NetBIOS, to the menu to provide easy access to functionality. Unless otherwise noted, all references to QRadar refer to IBM Security QRadar, IBM Security QRadar Log Manager, and IBM Security QRadar Network Anomaly Detection. References to flows do not apply to QRadar Log Manager. Customizing The Right-Click Menu You can customize the right-click menu. About this task The following table provides parameter definitions for customizing the right-click menu. Any change to the right-click menu requires a user interface restart. Right-click customizations should be scheduled during maintenance hours. Parameter {Name} {Description} {URL} Definition is the text that is displayed in the right-click menu is the description of the entry. This is the text that is displayed in the tooltip for your menu option. This is an optional field. is the URL field that specifies the web address that opens in a new window. You can use the placeholder %IP% in this field to refer to the IP address that is being selected. Also, to pass other URL parameters to this URL, you must use the & option. For example: url="/lookup?ip=%ip%&force=true".

2 QRADAR RIGHT-CLICK MENU Parameter {Command} {Required Capabilities} Definition is a command that you wish to execute on the Console. The output of the command is displayed in a new window. You should use the placeholder %IP% in this field to refer to the IP address that is being selected. is any capabilities the user is required to have to access this option, comma-delimited. (for example, "ADMIN"). If the user does not have all capabilities listed, the entry will not be displayed. This is an optional field. Procedure Step 1 Step 2 Step 3 Step 4 Step 5 Step 6 Using SSH, log in to QRadar as the root user: Username: root Password: <password> Copy the ip_context_menu.xml file from the /opt/qradar/conf/templates directory to the /opt/qradar/conf directory on the QRadar server. To open the file, type the following command: vim /opt/qradar/conf/ip_context_menu.xml Edit the file, as required. The file accepts menuentry XML nodes to customize the right-click menu. Use the following format: <menuentry name="{name}" description="{description}" exec="{command}" url="{url}" requiredcapabilities="{required Capabilities}"/> Refer to table in About this task section for parameter descriptions. The completed file must resemble the following: <?xml version="1.0" encoding="utf-8"?> <!- This is a configuration file to add custom actions into the IP address right-click menu. Entries must be of one of the following formats: --> <contextmenu> <menuentry name="traceroute" exec="/usr/sbin/traceroute %IP%" /> <menuentry name="external ARIN Lookup" url="http://ws.arin.net/whois/?queryinput=%ip%" /> </contextmenu> Save and exit the file. To restart services, type the following command: service tomcat restart The user interface is restarted to include any new right-click menu options.

A NOTICES AND TRADEMARKS What s in this appendix: Notices Trademarks This section describes some important notices, trademarks, and compliance information. Notices This information was developed for products and services offered in the U.S.A. IBM may not offer the products, services, or features discussed in this document in other countries. Consult your local IBM representative for information on the products and services currently available in your area. Any reference to an IBM product, program, or service is not intended to state or imply that only that IBM product, program, or service may be used. Any functionally equivalent product, program, or service that does not infringe any IBM intellectual property right may be used instead. However, it is the user's responsibility to evaluate and verify the operation of any non-ibm product, program, or service. IBM may have patents or pending patent applications covering subject matter described in this document. The furnishing of this document does not grant you any license to these patents. You can send license inquiries, in writing, to: IBM Director of Licensing IBM Corporation North Castle Drive Armonk, NY 10504-1785 U.S.A. For license inquiries regarding double-byte character set (DBCS) information, contact the IBM Intellectual Property Department in your country or send inquiries, in writing, to: Intellectual Property Licensing Legal and Intellectual Property Law IBM Japan Ltd. 19-21, Nihonbashi-Hakozakicho, Chuo-ku Tokyo 103-8510, Japan The following paragraph does not apply to the United Kingdom or any other country where such provisions are inconsistent with local law:

4 INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some states do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. Any references in this information to non-ibm Web sites are provided for convenience only and do not in any manner serve as an endorsement of those Web sites. The materials at those Web sites are not part of the materials for this IBM product and use of those Web sites is at your own risk. IBM may use or distribute any of the information you supply in any way it believes appropriate without incurring any obligation to you. Licensees of this program who wish to have information about it for the purpose of enabling: (i) the exchange of information between independently created programs and other programs (including this one) and (ii) the mutual use of the information which has been exchanged, should contact: IBM Corporation 170 Tracer Lane, Waltham MA 02451, USA Such information may be available, subject to appropriate terms and conditions, including in some cases, payment of a fee. The licensed program described in this document and all licensed material available for it are provided by IBM under terms of the IBM Customer Agreement, IBM International Program License Agreement or any equivalent agreement between us. Any performance data contained herein was determined in a controlled environment. Therefore, the results obtained in other operating environments may vary significantly. Some measurements may have been made on development-level systems and there is no guarantee that these measurements will be the same on generally available systems. Furthermore, some measurements may have been estimated through extrapolation. Actual results may vary. Users of this document should verify the applicable data for their specific environment. Information concerning non-ibm products was obtained from the suppliers of those products, their published announcements or other publicly available sources. IBM has not tested those products and cannot confirm the accuracy of performance, compatibility or any other claims related to non-ibm products. Questions on the

Trademarks 5 capabilities of non-ibm products should be addressed to the suppliers of those products. All statements regarding IBM's future direction or intent are subject to change or withdrawal without notice, and represent goals and objectives only. All IBM prices shown are IBM's suggested retail prices, are current and are subject to change without notice. Dealer prices may vary. This information contains examples of data and reports used in daily business operations. To illustrate them as completely as possible, the examples include the names of individuals, companies, brands, and products. All of these names are fictitious and any similarity to the names and addresses used by an actual business enterprise is entirely coincidental. If you are viewing this information softcopy, the photographs and color illustrations may not appear. Trademarks IBM, the IBM logo, and ibm.com are trademarks or registered trademarks of International Business Machines Corp., registered in many jurisdictions worldwide. Other product and service names might be trademarks of IBM or other companies. A current list of IBM trademarks is available on the Web at Copyright and trademark information at http:\\www.ibm.com/legal/copytrade.shtml.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback