ExtraHop Reveal(x) is a cloud-native Network Detection and Response (NRD) platform that uses real-time analytics and machine learning on wire data to detect anomalous behavior impacting critical assets. Reveal(x) then maps the anomalous behavior to one or more steps in the attack chain and provides an analysis-first workflow to find root cause.
Configuring the Connector for ExtraHop Reveal(x) #
To configure Lucidum to ingest data from ExtraHop Reveal(x):
-
Log in to Lucidum.
-
In the left pane, click Connector.
-
In the Connector page, click Add Connector.
-
Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.
-
In the Settings page, enter the following:
-
URL (required): The URL of the ExtraHop Reveal(x) API
-
API Key (required): ExtraHop Reveal(x) API key. To generate an API Key, see https://docs.extrahop.com/8.0/rest-api-guide/#generate-an-api-key.
-
Verify SSL. For future use.
-
-
To test the configuration, click Test.
-
If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.
-
If the connector is not configured correctly, Lucidum displays an error message.
-
API Documentation #
API version V1
https://docs.extrahop.com/8.0/rest-api-guide/#generate-an-api-key
