Limitations in IBM QRadar Offense Ingestion: Inability to Extract Rules beyond Mapped Events into ServiceNow - Support and Troubleshooting

Limitations in IBM QRadar Offense Ingestion: Inability to Extract Rules beyond Mapped Events into ServiceNow Issue The IBM QRadar profile module provides the ability to include regulations into ServiceNow. This feature can be found in the IBM QRadar regulations selection section.

There are rules at IBM QRadar end, but all of them are not reflecting when trying to add it from ServiceNow Only the rules which are created under event are visible from ServiceNow end There are lot many roles under common at IBM end but those are not showing up Cause This could be due to the problem in the permissions enabled for the service token

Resolution This could be due to the problem in the permissions enabled for the service token Refer to: Install and configure the ServiceNow application for the IBM QRadar offense ingestion integration To add an authorized service, click on the "Add" button and generate a token with both the Admin user role and Admin security profile. It's important to specify an expiration date that allows for a lengthy validity period. Refer to the below screenshot for the roles assigned to admin