This article explains how to grant Expel access to your Exabeam Fusion New-Scale SIEM.
In this article
Step 1: Create an API key
Having read-only access to the interface of your technology allows Expel to dig deeper during incident investigations. Our device health team uses this access to investigate potential health issues with your tech.
-
Log in to the Exabeam web console.
-
Navigate to Settings > API Keys.
-
Create a new API Key with the Search, Analyze and Export permission set.
-
When the new key is generated, copy the KEY ID and KEY SECRET.
-
Navigate to Exabeam docs to determine your Exabeam API base URL.
Step 2: Configure the technology in Workbench
Now that we have the correct access configured and noted the credentials, we can integrate your tech with Workbench.
-
Navigate to Workbench > Organization Settings > Security Devices.
-
Search for and select Exabeam Fusion New-Scale SIEM Collector.
-
Type the KEY ID and KEY SECRET generated in Step 1.
You can see if the device is healthy on the Security Devices page. It may take a few minutes to see the device listed as healthy.
To check if alerts are coming through, navigate to the Alerts Analysis page. Scroll to the device you want to check and click View alerts. Switch to grid view, then check the list for device alerts. It can take 36 to 72 hours for alerts to appear after setup, as we tune your device.