Qradar - Network Inbound Investigation
- 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
Qradar - Network Inbound Investigation
- Updated on 02 Apr 2025
- 1 Minute to read
- DarkLight
- PDF
Article summary
Did you find this summary helpful?
Thank you for your feedback!
Qradar - Network Inbound Investigation
Description
Qradar Network Inbound Investigation is a playbook that helps organizations quickly and easily investigate inbound network traffic. This solution provides a comprehensive set of tools to identify suspicious activity and investigate potential threats. It leverages the power of IBM QRadar to analyze network traffic, detect malicious activity, and alert the security team of any suspicious activity. With this playbook, organizations can quickly investigate inbound network traffic, identify malicious actors, and take action to protect their networks. This playbook also provides detailed insights into the source and destination of network traffic, as well as the type of traffic and its volume. With this information, organizations can better understand their network traffic patterns and identify potential security threats. QRadar Network Inbound Investigation is an invaluable tool for organizations looking to protect their networks from malicious actors and investigate potential threats.
Trigger Request
HTTP Post Request
Headers:
| Key | Value |
|---|---|
| Content-Type | application/json |
- Json body parameters:
| Parameters | Type | Description |
|---|---|---|
| alertId | string | Please provide the description of this parameter. |
| asm | array | Please provide the description of this parameter. |
| baracuda | array | Please provide the description of this parameter. |
| fortigate | array | Please provide the description of this parameter. |
| fortiweb | array | Please provide the description of this parameter. |
Supported CDC Versions
- 2.8
Was this article helpful?