This documentation supports the 22.1 and consecutive patch versions of BMC Helix Multi-Cloud Broker.

Incident creation from IBM QRadar offenses

BMC Helix Multi-Cloud Broker provides prebuilt integration with IBM QRadar Security Information and Event Management (SIEM) to create incidents in BMC Helix ITSM whenever QRadar SIEM offenses are generated.


Scenario

Apex Global uses QRadar SIEM to monitor security threats to enterprise data across on-premises and cloud-based environments. QRadar SIEM generates an offense whenever it detects a threat, such as malware injection, in the environments, servers, or networks it is monitoring. BMC Helix Multi-Cloud Broker creates incidents in BMC Helix ITSM when such offenses are generated so that Apex Global can remediate the issue even before a service request is raised for the problem.

Apex Global has the following requirements:

  • QRadar SIEM generates offenses whenever it detects a security threat to the organization's data.

  • A ticket needs to be created in BMC Helix ITSM.


Workflow

Apex Global implements their requirements by using BMC Helix Multi-Cloud Broker:

| Product | User | Action | Reference |
|---|---|---|---|
| BMC Helix Multi-Cloud Broker | Administrator | Set up BMC Helix Multi-Cloud Broker to integrate BMC Helix ITSM with QRadar SIEM. | |
| BMC Helix Multi-Cloud Broker | Administrator | Set up the required trigger conditions for creating incidents in BMC Helix ITSM. | Creating incidents from IBM QRadar SIEM offenses via BMC Helix iPaaS, powered by Jitterbit |


Results

After Apex Global performs the tasks to integrate BMC Helix ITSM with QRadar SIEM, QRadar SIEM offenses are synchronized to BMC Helix ITSM incidents as follows:

  1. QRadar SIEM generates offenses whenever it detects a security threat.
  2. BMC Helix Multi-Cloud Broker validates the trigger conditions and creates a ticket in BMC Helix ITSM.
  3. BMC Helix ITSM displays the incident details in the BMC Helix ITSM: Smart IT console.


Benefits

  • Effective ticket management from a single console.
  • Easily track issues through automatic ticket creation and updates.
  • Remediate issues before a service request is created for the problem.
