This repository contains samples of ways to get data into QRadar, mostly utilizing public REST APIs.
These samples are provided for reference purposes on an "as is" basis, and are without warranties of any kind.
Any issues discovered using the samples should not be directed to QRadar support, but be reported on the Github issues tracker.
An example python script that allows you to execute an AQL query and use the result to populate a reference set or reference table
An example python script that allows you to import STIX indicators either from an XML file or from a TAXII server
An example python script that allows you to import data from a CSV file into the asset model
Excel spreadsheet to retrieve and update reference data (tables and maps of sets) directly from an excel spreadsheet
Sample code demonstrating the creation and feeding of reference collections defined by the Ready For IBM Security Intelligence partner program
A sample of extracting TOR relay node IPs from the TOR Bundle and importing those as reference data for QRadar