Configuring the authorization token in QRadar settings

To view information in the IBM® QRadar® User Behavior Analytics (UBA) app, you must configure a UBA authorization token in UBA Settings.

About this task

QRadar on Cloud administrators can learn how to add and manage authorized service tokens by reading https://www.ibm.com/support/knowledgecenter/SSKMKU/com.ibm.qradar.doc/c_qrocss_manageauthservices.html.

If you’re a QRadar on Cloud customer, contact Customer Support to create an authorized service token for you.

You must complete the following steps to create an authorization token. Do not save the configuration until have you configured all of the UBA Settings.

Procedure

  1. On the navigation menu ( Navigation menu icon ), click Admin.
  2. Click the UBA Settings icon. (Apps > User Analytics > UBA Settings).
  3. In the QRadar Settings section, click the Manage Authorized Services link.
    Authorization token screen
  4. Click Add Authorized Service
  5. In the Service Name field, type UBA.
  6. From the User Role list, select the Admin user role.
  7. From the Security Profile list, select the security profile that you want to assign to this authorized service. The security profile determines the networks and log sources that this service can access on the QRadar user interface.
  8. In the Expiry Date list, type or select a date for this service to expire. If an expiry date is not necessary, select No Expiry.
  9. Click Create Service.
  10. Click the row that contains the UBA service you created and then select and copy the token string from the Selected Token field in the menu bar.
  11. Return to the QRadar Settings section and paste the authorized service token string into the Token field.

What to do next

Configuring content package settings