Open
Description
Since we currently have a limitation of only 2 years of offense retention, we can collect the offense details in QRadar SIEM using the Universal Cloud REST API.
A workflow and workflow parameters can be used in a log source and fed to QRadar itself. Later we can search the past generated offenses, the offense trigger time and close time, and the analyst who worked on the offenses.