This repository contains samples of ways to get data into QRadar, mostly utilizing public REST APIs.
These samples are provided for reference purposes on an "as is" basis, and are without warranties of any kind.
Any issues discovered using the samples should not be directed to QRadar support, but be reported on the Github issues tracker.
aql-to-reference-data
An example python script that allows you to execute an AQL query and use the result to populate a reference set or reference table
stix-import
An example python script that allows you to import STIX indicators either from an XML file or from a TAXII server
assets
An example python script that allows you to import data from a CSV file into the asset model
excel
Excel spreadsheet to retrieve and update reference data (tables and maps of sets) directly from an excel spreadsheet
rfisi-threat-import
Sample code demonstrating the creation and feeding of reference collections defined by the Ready For IBM Security Intelligence partner program
tor-nodes-import
A sample of extracting TOR relay node IPs from the TOR Bundle and importing those as reference data for QRadar