This page is obsolete. For current content, see the following pages:
QRadar provides you the ability to add extensions. These extensions can provide QRadar with the ability to extend its functionality via your customization(s). You can provide additional security data and context, via security events, custom properties and reference maps and sets. This can be done via a Device Support Module (DSM) and Content Packages. You can also provide extended visualization and add to QRadarâ€™s Graphical User Interface via building a QRadar Application. See the cards below for more information on how to develop a QRadar extension.
QRadar can collect events from security products by using a plugin file that is called a Device Support Module (DSM). You can create a DSM using the DSM Editor which was introduced in QRadar Version 7.2.8.
QRadar Applications extend the QRadar Graphical User Interface. An SDK is provided to help you build, test and package your application. We have also provided samples, within the SDK as well as on this web site, of the various types of extensions that can be created. Finally, we have created videos that walk through the SDK and the QRadar capabilities that can be built.
New to the IBM Security X-Force App Exchange?
See this overview on QRadar to better understand its capabilities.
More Information on App Development
There are several development tools for creating content for QRadar. These are posted on the IBM Security App Exchange.
QRadar App Editor
The QRadar App Editor is an easy-to-use editor that any app developer can use. When you use the App Editor to develop a new app or import an existing app, the App Editor is on the app development tab. The App Editor is a ready-made workspace for you to manage the development of your app. You can easily deploy your changes and view the app live in QRadar
The IBM Security QRadar application framework has its own software development kit (SDK) that is downloadable from the IBM Security App Exchange. All users interested in extending QRadar to use the SDK and the IBM QRadar GUI Application Framework can develop new extensions that integrate with QRadar and provide new capabilities. The software development kit (SDK) can be used to create a development workspace, run apps locally for QA test purposes, or package your app to create an archive (.zip file) that contains your extension files. The IBM QRadar SDK is intended to help users develop and deploy apps to your QRadar Console.