Thank you for your feedback.
Form temporarily unavailable. Please try again or contact docfeedback@servicenow.com to submit your comments.
Versions
  • Madrid
  • London
  • Kingston
  • Jakarta
  • Istanbul
  • Helsinki
  • Geneva
  • Store
Close

Get IP Address API Filters activity

Log in to subscribe to topics and get notified when content changes.

Get IP Address API Filters activity

The Get IP Address API Filters workflow activity is used in the Security Operations QRadar Integration - Security Incident Enrichment workflow (included in the base system) to get the API filters to be passed to IP-related API calls from a security incident to QRadar.

Input variables

Input variables determine the initial behavior of the activity.

Table 1. Input variables
Variable Description
si_sys_id [string] The system id of the security incident.

Output variables

The output variables contain data that can be used in subsequent activities.

Table 2. Output variables
Variable Description
affected_resource_source_ip_filter [string] Filter string sent to QRadar REST Messages to identify where affected resource IP address was used as a source IP in QRadar.
affected_resource_local_dest_ip_filter [string] Filter string sent to QRadar REST messages to identify where the affected resource IP address was used as a local destination IP in QRadar.
source_ip_source_ip_filter [string] Filter string sent to QRadar REST messages to identify where the Source IP address was used as a source IP in QRadar.
source_ip_local_dest_ip_filter [string] Filter string sent to QRadar REST messages to identify where the source IP address was used as a local destination IP in QRadar.
dest_ip_source_ip_filter [string] Filter string sent to QRadar REST messages to identify where the destination IP address was used as a source IP in QRadar.
dest_ip_local_dest_ip_filter [string] Filter string sent to QRadar REST messages to identify where the destination IP address was used as a local destination IP in QRadar.
no_filters_to_apply [true/false] True if there are no filters to apply.
Feedback