Interpres Application - Exabeam
- Type: SIEM/Data Lake
- Vendor: Exabeam
This app integrates with Exabeam to get Telemetry, Detections and Alerts.
Vendor setup
- Open the Exabeam Security Operations Platform and on the lower-left side of the page, click Settings, and then click API Keys.
- Generate a new API Key with the following permissions:
- Search, Analyze and Export
- Correlation Rules
- Threat Center
App Configuration
App Parameters:
- Base URL: The URL to the source instance. (this should only be up through the hostname e.g. https://api.us-west.exabeam.cloud
- API Key: API Key
- API Secret: API Secret
- Proxy: A valid proxy server using the following format https://
: '
App Validation
Check there is connectivity (green light) in the integration created.
Implemented Actions
- Get Alerts: Gets the latest alerts.
- Get Available Telemetry: Returns a list of telemetry identifiers with their current status.
- Get Detections: Returns a list of detections.