Pull Qradar data by QID #24
Comments
I'm not sure I understand what you mean. Could you give me an example of your use case?
Currently the script uses a date range as an argument. For busy systems that can pull in more offenses than intended. It would be nice to pull by offense ID (or, as Qradar calls it, QID) so that I pull a specific offense into Synapse.
DAVID BLAINE, GCIA, CISSP
I would love to see this feature enhancement to a great Synapse product. Please allow for pulling specific QIDs. It allows for more targeted pulling of Qradar data.