Integration of BitDefender GravityZone Cloud to IBM QRadar with API

Hello,

We are trying to do an integration of BitDefender GravityZone Cloud to IBM QRadar with the API.

At this time, you don't have any DSM or instructions to do that.

We've tried to make this connection with the DSM of SUMO and we failed:

We took this curl code and ran it in Postman:

curl -k -X POST \
  https://cloudgz.gravityzone.bitdefender.com/api/v1.0/jsonrpc/push \
  -H 'authorization: Basic YWJlODU5MGRlNDg5N2E0MTg1NWQ4NTAxMWFhNzgzYWY5NjhiMzFiYWQzOTRkMWZjNzcxOTc5MjY3ZWEwZTFmNzo=' \
  -H 'cache-control: no-cache' \
  -H 'content-type: application/json' \
  -d '{"params": {"status": 1,"serviceType": "cef","serviceSettings": {"url": "https:///qradar.experis-cyber.com:8080?token=abe8590de4897a41855d85011aa783af968b31bad394d1fc771979267ea0e1f7&type=bitdefender_grzone","requireValidSslCertificate": false,"authorization": "Basic YWJlODU5MGRlNDg5N2E0MTg1NWQ4NTAxMWFhNzgzYWY5NjhiMzFiYWQzOTRkMWZjNzcxOTc5MjY3ZWEwZTFmNzo="},"subscribeToEventTypes": {"adcloud":true,"antiexploit":true,"aph":true,"av":true,"avc":true,"dp":true,"endpoint-moved-in":true,"endpoint-moved-out":true,"exchange-malware":true,"exchange-user-credentials":true,"fw":true,"hd":true,"hwid-change":true,"install":true,"modules":true,"network-monitor":true,"network-sandboxing":true,"new-incident":true,"registration":true,"supa-update-status":true,"sva":true,"sva-load":true,"task-status":true,"troubleshooting-activity":true,"uc":true,"uninstall":true}},"jsonrpc": "2.0","method": "setPushEventSettings","id": "1"}'


It is not working.

We'll be glad if you can help us.


Thanks,

Nir, Experis Cyber.
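
An added example, not part of the original post and not Bitdefender or IBM code: a pre-flight lint for the serviceSettings of a setPushEventSettings request like the one above. It flags a collector URL with no parseable host, disabled certificate validation, and reuse of the API key in the URL or in the collector header. The function names, host name and key values are constructed for illustration.

```python
import base64
from urllib.parse import urlsplit, parse_qsl

def basic_username(header):
    """User part of a 'Basic <b64>' header; in the request above that is the API key."""
    scheme, _, blob = header.partition(" ")
    if scheme.lower() != "basic":
        return None
    return base64.b64decode(blob).decode().partition(":")[0]

def lint_push_settings(request, api_auth_header):
    """Return findings for a setPushEventSettings request body (dict)."""
    findings = []
    settings = request["params"]["serviceSettings"]
    api_key = basic_username(api_auth_header)
    url = urlsplit(settings["url"])
    if url.scheme != "https":
        findings.append("url: scheme is not https")
    if not url.hostname:
        findings.append("url: no host parsed, check the slashes after the scheme")
    if not settings.get("requireValidSslCertificate", False):
        findings.append("requireValidSslCertificate is false: collector certificate not verified")
    if api_key and any(v == api_key for _, v in parse_qsl(url.query)):
        findings.append("url: query string carries the GravityZone API key")
    if api_key and basic_username(settings.get("authorization", "")) == api_key:
        findings.append("authorization: collector header reuses the GravityZone API key")
    return findings

def build_request(url, verify_tls, collector_auth):
    """Minimal request body with the same shape as the one in the post."""
    return {"jsonrpc": "2.0", "method": "setPushEventSettings", "id": "1",
            "params": {"status": 1, "serviceType": "cef",
                       "serviceSettings": {"url": url,
                                           "requireValidSslCertificate": verify_tls,
                                           "authorization": collector_auth}}}

def basic(user):
    return "Basic " + base64.b64encode((user + ":").encode()).decode()

# Constructed sample values, not real credentials or hosts.
API_AUTH = basic("constructed-api-key-0000")
AS_POSTED = build_request(
    "https:///collector.example.test:8080?token=constructed-api-key-0000&type=bitdefender_grzone",
    False, API_AUTH)
# Passes the lint only; not a tested QRadar configuration.
SEPARATED = build_request("https://collector.example.test:8080/?type=bitdefender_grzone",
                          True, basic("constructed-collector-secret"))

if __name__ == "__main__":
    for finding in lint_push_settings(AS_POSTED, API_AUTH):
        print(finding)
```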

Answers