The SmartNotes architecture allows the use of custom server modules that extend the standard functionality of the SmartNotes application server. Some of the requirements described in the later parts of this document can be easily implemented using such an extension interface.
It is assumed that the company currently operates a standard SmartNotes installation without additional server modules. According to the new requirements for this system, certain events must be reported to a third-party system. These requirements, which aim to respond to specific server triggers (events), can be easily incorporated into such modules. For this reason, AMANA proposes to develop a custom module to interface with the target systems. The target system to which events are to be reported is IBM's QRadar. QRadar accepts network messages that comply with the LEEF 2.0 standard. Communication takes place via the UDP protocol.
| 