XSOAR

XSOAR is an extended security orchestration, automation and response platform with native threat intel management.

With the Humio add-on installed, XSOAR can be configured to automatically:

  • Query Humio for incidents.
  • Enrich incidents with additional contextual data.
  • Respond to incidents by setting up new Humio alerts.

Installation

You can integrate Humio and XSOAR by installing the Humio add-on in your XSOAR system. The add-on is listed under the name Humio on the Settings → Integrations → Servers & Services page in XSOAR.

Here you will need to add a Humio instance and configure it as described here. Configuration requires an API key for your Humio instance, which you can find on the /settings page in the Humio UI, for example https://cloud.humio.com/settings.