Interpres Application - Gravwell

  • Type: SIEM/Data Lake
  • Vendor: Gravwell

Gravwell is an enterprise data fusion platform that enables security teams to investigate, collaborate, and analyze data from any source.

Vendor setup

Create a token in the API Token System. The Tokens API interface is located in the "Tools & Resources" navigation section.

Gravwell capabilities required:

  • Search
  • AlertRead

Gravwell tag access required:

  • All Possible Tags

App Configuration

App Parameters:

  • Base URL: The URL of the source instance, in the following format: https://:
  • Token: The API token created during vendor setup.
  • Verify server certificate: Whether to verify the server's TLS certificate.
  • Proxy: A valid proxy server, in the following format: https://:

App Validation

Check that the created integration shows connectivity (green light).

Implemented Actions

  • Get Alerts: Gets the latest alerts.
  • Get Available Telemetry: Returns a list of telemetry identifiers with their current status.
  • Get Detections: Returns a list of detections.