Qradar - Network Inbound Evidence Collection
- Updated on 02 Apr 2025
Description
Qradar Network Inbound Evidence Collection is an automation that collects and stores evidence from network traffic for use in investigations and compliance activities. It collects evidence from traffic inbound to the network, such as emails, web traffic, and file transfers. This evidence can be used to identify malicious activity, investigate security incidents, and ensure compliance with regulatory requirements. The automation also provides filtering and aggregation to help identify suspicious activity, and secure, reliable storage so that evidence can be retained for long-term use.
Trigger Request
HTTP POST request
Headers:
Key | Value |
---|---|
Content-Type | application/json |
JSON body parameters:
Parameters | Type | Description |
---|---|---|
alertId | string | Please provide the description of this parameter. |
query | string | Please provide the description of this parameter. |
Supported CDC Versions
- 2.8