: Set up CrowdStrike for Integration
Focus
Focus

Set up CrowdStrike for Integration

Table of Contents

Set up CrowdStrike for Integration

Set up CrowdStrike for integration with
IoT Security
through
Cortex XSOAR
.
Generate a client ID and secret and get the CrowdStrike server API URL for
Cortex XSOAR
to use when querying the CrowdStrike cloud server for device attributes. Copy and save these in a text file, so you can later copy and paste them into XSOAR when configuring a CrowdStrike integration instance.
  1. Generate a client ID, secret, and base URL.
    1. Log in to the CrowdStrike console, expand the navigation menu, and select
      Support and resources
      API clients and keys
      .
    2. Select
      + Add new API client
      , enter the following, and leave the other settings at their default values:
      Client Name
      : Enter a name for the
      Cortex XSOAR
      instance that will be connecting to the CrowdStrike API; for example,
      acme-xsoar1
      .
      Description
      : Enter a useful description of the API client for future reference.
      API Scopes
      : Select the following check boxes to allow read-only access to the API so that
      Cortex XSOAR
      can retrieve device attributes from CrowdStrike.
      • Hosts
        :
        Read
      • Host Groups
        :
        Read
    3. Click
      Add
      .
      When you click
      Add
      , a panel appears with the client ID, secret, and base URL that
      Cortex XSOAR
      needs to access the API of the CrowdStrike cloud server.
  2. Copy the client ID, secret, and base URL.
    1. Click the copy icon to the right of the client ID string and then paste the copied text string into a text file.
    2. Repeat the previous step for the secret and base URL strings.
    3. Save the text file in a secure location for use when configuring the CrowdStrike integration instance in
      Cortex XSOAR
      .

Recommended For You