CrowdStrike Falcon Data Replicator
Log in to CrowdStrike Falcon Console:
- Go to the CrowdStrike Falcon login page and sign in with your administrator credentials.
Navigate to API Credentials:
- From the dashboard, go to the "Support" section.
- Select "API Clients and Keys" from the menu.
Create a New API Key:
- Click on "Add new API Client".
- Enter a name and description for the API key to identify its purpose.
- Set the permissions or scopes as needed for Falcon Data Replicator access.
Generate and Copy the API Key:
- Click "Generate" to create the API key.
- Copy the generated API key and store it securely. Note that this will be the only time the key is fully visible.
Save and Use the API Key:
- Save your changes in the CrowdStrike Falcon console.
- Use the API key in your application to authenticate API requests.
Providing Information to Configure SecurIST
After generating the API key, please provide the following information to us to complete the configuration on our side:
- API Key: The API key you generated.
- Unique FQDN
Log Source Details:
- Type of log data (e.g., security events, user activities).
- Any specific identifiers or tags you use.
Log Data Format:
- Format of the logs being sent (e.g., JSON).
Log Source IP Address:
- The IP address from which the logs will be sent.
Please send the above details to our support team via an "Onboard Log source request in your SecurIST platform
Getting Help
If you encounter any issues or need assistance during this process, our support team is here to help. You can reach out to us through:
Support Portal: Submit a ticket via our support portal for detailed assistance. Documentation: Refer to our extensive documentation library for troubleshooting and additional guides.
By providing these details, we will be able to configure SecurIST to accept and process Bitdefender logs for your SIEM service.