User contributions for Ebasso

16 June 2025

• 17:2617:26, 16 June 2025 diff hist −2‎ IBM QRadar SOAR: Working with Incident Properties with Playbooks ‎No edit summary current
• 17:2617:26, 16 June 2025 diff hist +1,117‎ N IBM QRadar SOAR: Working with Incident Properties with Playbooks ‎ Created page with "Simple playbook to close a Incident == Configuring the Playbook == 372x600px In your playbook: 1) add or edit the '''Define Properties''' script. Provide the following code: <nowiki> x_var= {} x_var['value'] = 'Blablabla' my_vars = { "id": 4, "default_inc_type": "Phishing", "username": "John Connor" } playbook.addProperty('x_var', x_var) playbook.addProperty('my_vars', my_vars) </nowiki> 1) add or edit the '''Define Propertie..."
• 17:2317:23, 16 June 2025 diff hist 0‎ N File:Playbook-properties.PNG ‎No edit summary current
• 17:2117:21, 16 June 2025 diff hist +72‎ IBM QRadar ‎ →‎IBM QRadar SOAR current

12 June 2025

• 12:5712:57, 12 June 2025 diff hist +1‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Main Playbooks current
• 12:5712:57, 12 June 2025 diff hist −6‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Example Use Case
• 12:5512:55, 12 June 2025 diff hist +2‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎What Are Asynchronous Playbooks in Incident Playbooks?
• 12:5512:55, 12 June 2025 diff hist +79‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎No edit summary
• 12:5212:52, 12 June 2025 diff hist −11‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Enrichment Playbooks
• 12:5112:51, 12 June 2025 diff hist +208‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Main Playbooks
• 12:4812:48, 12 June 2025 diff hist +96‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Enrichment Playbooks
• 12:4612:46, 12 June 2025 diff hist −8‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎No edit summary
• 12:4612:46, 12 June 2025 diff hist −20‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Techniques to Handle Asynchronous Playbooks in Incident Playbooks
• 12:4112:41, 12 June 2025 diff hist −52‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Example Use Case
• 12:3912:39, 12 June 2025 diff hist 0‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Example Use Case
• 12:3812:38, 12 June 2025 diff hist +62‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Example Use Case
• 12:2912:29, 12 June 2025 diff hist 0‎ File:Task-utils-close-incident-03.PNG ‎ Ebasso uploaded a new version of File:Task-utils-close-incident-03.PNG current
• 12:2812:28, 12 June 2025 diff hist 0‎ File:Task-utils-close-incident-02.PNG ‎ Ebasso uploaded a new version of File:Task-utils-close-incident-02.PNG current
• 12:2612:26, 12 June 2025 diff hist 0‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Techniques to Handle Asynchronous Playbooks in Incident Playbooks
• 12:2512:25, 12 June 2025 diff hist 0‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Techniques to Handle Asynchronous Playbooks in Incident Playbooks
• 12:2412:24, 12 June 2025 diff hist +18‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Techniques to Handle Asynchronous Playbooks in Incident Playbooks
• 12:2412:24, 12 June 2025 diff hist +2‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Techniques to Handle Asynchronous Playbooks in Incident Playbooks
• 12:2212:22, 12 June 2025 diff hist +16‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Example Use Case
• 12:2112:21, 12 June 2025 diff hist −5‎ IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ →‎Example Use Case
• 12:2112:21, 12 June 2025 diff hist +2,053‎ N IBM QRadar SOAR: Handling Asynchronous Playbooks in Incident Playbook in IBM QRadar SOAR ‎ Created page with "In IBM QRadar SOAR (Security Orchestration, Automation and Response), **Incident Playbooks** are essential tools for automating the lifecycle of an incident. While many playbooks run in a linear, synchronous fashion, some real-world response scenarios require **asynchronous playbook behavior** — where the execution pauses and resumes based on external input, time delays, or manual actions. == What Are Asynchronous Playbooks in Incident Playbooks? == An asynchronous..."
• 12:1512:15, 12 June 2025 diff hist +96‎ IBM QRadar ‎ →‎IBM QRadar SOAR
• 12:0812:08, 12 June 2025 diff hist 0‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook current
• 12:0712:07, 12 June 2025 diff hist 0‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook
• 12:0712:07, 12 June 2025 diff hist 0‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook
• 12:0612:06, 12 June 2025 diff hist +10‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook
• 12:0512:05, 12 June 2025 diff hist −208‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook
• 11:5911:59, 12 June 2025 diff hist −1‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook
• 11:5911:59, 12 June 2025 diff hist +1‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook
• 11:5911:59, 12 June 2025 diff hist +41‎ IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ →‎Configuring the Playbook
• 11:5811:58, 12 June 2025 diff hist 0‎ N File:Task-utils-close-incident-03.PNG ‎No edit summary
• 11:5711:57, 12 June 2025 diff hist 0‎ N File:Task-utils-close-incident-02.PNG ‎No edit summary
• 11:5711:57, 12 June 2025 diff hist 0‎ N File:Task-utils-close-incident-01.PNG ‎No edit summary current
• 11:4111:41, 12 June 2025 diff hist −3‎ IBM QRadar SOAR: Handling Incident Artifacts with Playbooks ‎No edit summary current
• 11:4011:40, 12 June 2025 diff hist −158‎ IBM QRadar SOAR: Handling Incident Artifacts with Playbooks ‎No edit summary
• 11:3611:36, 12 June 2025 diff hist +1,407‎ N IBM QRadar SOAR: Handling Incident Tasks with Playbooks ‎ Created page with "IBM QRadar SOAR allows automated email sending through the '''fn_task_utils''' app. This app allowing you to interact with SOAR Artifacts for use with other automations. More details here: [https://ibmresilient.github.io/resilient-community-apps/fn_task_utils/README.html Task Utilities] == Prerequisites == * IBM QRadar SOAR configured. * '''fn_task_utils''' app installed. == Configuring the Playbook == In your playbook: 1) add or edit the '''Artifact Utils: Se..."
• 11:3511:35, 12 June 2025 diff hist +63‎ IBM QRadar ‎ →‎IBM QRadar SOAR

11 June 2025

• 18:4318:43, 11 June 2025 diff hist −7‎ IBM QRadar SOAR: Closing Incident with Playbooks ‎No edit summary current
• 18:4218:42, 11 June 2025 diff hist +2‎ IBM QRadar SOAR: Closing Incident with Playbooks ‎No edit summary
• 18:4218:42, 11 June 2025 diff hist +1‎ IBM QRadar SOAR: Closing Incident with Playbooks ‎ →‎Configuring the Playbook
• 18:4218:42, 11 June 2025 diff hist +730‎ N IBM QRadar SOAR: Closing Incident with Playbooks ‎ Created page with "Simple playbook to close a Incident == Configuring the Playbook == 346x599px In your playbook: 1) add or edit the '''Get Artifacts''' script. Provide the following code: <nowiki> incident.resolution_id = "Resolved" if incident.confirmed: incident.resolution_summary = "Incident was closed with CONFIRMED." else: incident.resolution_summary = "Incident was closed with Unconfirmed." incident.plan_status = "C" incident.addNote("..."
• 18:4018:40, 11 June 2025 diff hist 0‎ N File:Soar-close-incident.PNG ‎No edit summary current
• 18:3818:38, 11 June 2025 diff hist +56‎ IBM QRadar ‎ →‎IBM QRadar SOAR
• 17:5917:59, 11 June 2025 diff hist −149‎ IBM QRadar SOAR: Handling Incident Artifacts with Playbooks ‎ →‎Configuring the Playbook
• 17:5917:59, 11 June 2025 diff hist +18‎ IBM QRadar SOAR: Handling Incident Artifacts with Playbooks ‎ →‎Configuring the Playbook
• 17:5817:58, 11 June 2025 diff hist +499‎ IBM QRadar SOAR: Handling Incident Artifacts with Playbooks ‎ →‎Configuring the Playbook