Integrate Reveal(x) 360 with Splunk SOAR
This integration enables you to export network threat detections, metrics, and packet data from Reveal(x) 360 into Splunk SOAR.
To configure this integration, you must create Splunk SOAR credentials and then add those credentials when you configure the ExtraHop App for Splunk SOAR.
System requirements
ExtraHop Reveal(x) 360
- Your user account must have privileges on Reveal(x) 360 for System and Access Administration.
- Your Reveal(x) 360 system must be connected to an ExtraHop sensor with firmware version 9.0 or later.
- Your Reveal(x) 360 system must be connected to ExtraHop Cloud Services.
Create Splunk SOAR integration credentials
The credential is also added to the ExtraHop REST API Credentials page, where you can view the credential status, copy the ID, or delete the credential.
Install and configure the ExtraHop App for Splunk SOAR
Next steps
Follow the instructions in the ExtraHop App for Splunk SOAR to export Reveal(x) 360 detections, metrics, and packets to Splunk SOAR and to initiate actions such as getting device information or tagging a device.