This section contains instructions for integrating Kaspersky CyberTrace with QRadar in the standard integration scheme.
In this section
About the standard integration scheme (QRadar)
Step 1. Configuring QRadar to receive latest updates
Step 2. Sending a set of events to QRadar
Step 3. Forwarding events from QRadar to Feed Service
Step 4. Performing the verification test (QRadar)
Step 5. Retrieving custom event properties
Step 6. Creating a search filter for CyberTrace events
Step 7 (optional). Displaying events in a dashboard
Step 8 (optional). Creating notifications about incoming service events
Step 9 (optional). Installing Kaspersky Threat Feed App
Step 10 (optional). Enabling the indexes of the added custom event properties
Step 11 (optional). Configuring Kaspersky Threat Feed App