Siemplify has a number of pre-built integrations that communicate with various security devices and fetch raw information to build a case.
In this article, we will look at downloading, installing, configuring and using the AlienVault USM Anwhere Integration.
- In the Siemplify platform, click the Marketplace icon on the top right hand side of the screen.
- In the Search field of the Marketplace, enter AlienVault USM Anywhere.
- Click the Download arrow at the bottom of the integration.
- Optionally, click on Read More to see more information about the integration.
- Next, click on the wheel icon in order to configure the Alien Vault integration.
- Enter the API Root, Username and Password.
- Click Save.
- Test the configuration by clicking Test in this screen. A green tick will appear next to Test to let you know that the integration is accessible.
The next stage is to enable this integration to work as a Connector.
- Navigate to Settings > Connectors.
- Click the plus icon on the top left of the screen and select AlienVault USM Anywhere.
- Click Create.
- Add the following information:
- Run Every: This field determines how often the connector will ingest cases from AlienVault into Siemplify.
- API Root: same as you entered previously
- Username: same as you entered previously
- Password: same as you entered previously.
- Make sure to toggle the button at the top to enable it.
- Click Save on the top right corner.
Now, the connector will ingest cases from the Alienvault appliance every 1 minute 10 seconds as configured in Run Every field.
Need more help with this?
Click here to open a Support ticket