Crowdstrike Configuration
- Navigate to Support > API Clients and Keys
- Click “Add new API Client”
- Name the new client, select read-only for all scopes and click Add.
- Copy the Client ID and Client Secret
PRECINCT CONFIGURATION
- Go to Admin > SOAR > Crowdstrike API > Config
- Click the checkbox for Enable the Crowdstrike Integration
- Paste the Client ID and Client Secret
- Click the disk icon (Save)
- Click Jobs and go to Artifacts from Crowdstrike.
- Select Triggers, expanding Manual Trigger and Interval Trigger.
- Toggle both to State: ENABLED
- The Interval Trigger is set to 2 hours by default, but you can update it to what best suits your organization. (Recommended: 10 minutes)
- Click the disk icon (Save)
Crowdstrike API doc
- You must be logged in to reply to this topic.