Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Installing Extensions by using an Admin Level Authorized Service Token

Administrators can create an admin level authorized service token that enables QRadar Assistant to install extensions in the background.

You must be an administrator to complete this task.

In QRadar Assistant 3.2.0 or later, you can use the install_exts_by_service_token parameter in the config file to enable or disable the background installation. By default, the parameter is set to true. You must set it to false to enable QRadar Assistant to install extensions by an admin level authorized service token in the current browser session.

Note:

If you log out of the current session before the extension installation is complete, the installation might stop prematurely.

  1. Use SSH to log in to your JSA Console as the root user.
  2. Connect to the QRadar Assistant app container by typing the following command:
    /opt/qradar/support/recon
  3. Go to the store folder for QRadar Assistant.
  4. Edit the config_prod.json file to change the value from true to false for the install_exts_by_service_token parameter.

    The installed_by field displays the name of the administrator or the authorized service token that was used to install the extension.

  5. Save the config_prod.json file.
    Tip:

    The changes made to the config_prod.json remain in effect even after an upgrade. Change the value for install_exts_by_service_token to true when you want QRadar Assistant to use an admin authorized service token rather than a user access token to install extensions.

The changes take effect immediately.