ExtraHop RevealX 360
- 18 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
ExtraHop RevealX 360
- Updated on 18 Mar 2025
- 2 Minutes to read
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback!
ExtraHop Reveal(x) 360 is a SaaS-based security solution providing unified visibility and protection across hybrid and multicloud environments. ExtraHop helps detect and mitigate threats such as ransomware and software supply chain attacks. For detailed information, refer to the ExtraHop’s official documentation.
Integration Method: API
Tables: Device Inventory Info (5001), Detection Finding (2004)
This integration supports the following events.
Event | Description |
|---|---|
Alerts | Retrieves list of all alerts from Reveal(x) 360. |
Devices | Retrieve the device list from Reveal(x) 360. |
This integration supports the following versions.
ExtraHop API | v1 |
Note:
ExtraHop Reveal X 360 doesn’t follow a traditional versioning system. Instead, it is a continuously updated cloud service.
Prerequisites
The user should have system and access administration privileges of ExtraHop.
The user should have access to the DataBee console.
Configuration Overview
Create REST API Credentials with required permissions to fetch the data.
Create ExtraHop Reveal X 360 data feed in the DataBee console with the required Client credentials.
DataBee Parameter
ExtraHop Parameter
API Base URL <instance>
Client Key
Client Secret
Token URL <instance>
ExtraHop Configuration
Login to the ExtraHop Reveal(X) 360 Dashboard.
From the Settings icon of top right corner, navigate to System Settings and then select All Administration.
From “All Administration” page, navigate to API Access.
Enable the Manage API Access then click Create Credentials.
Click on Create Credentials, enter the Credential ‘Name’, select the following access rights, and then click on Save.
Access Type
Access
System Access
Full read-only
NDR Module Access
Full access
NPM Module Access
Full access
Make sure to copy the credentials and save them in your machine for later use.
Example API Endpoint: https://yourInstance.api.cloud.extrahop.com
Here, in the above example, ‘yourInstance’ represents the instance value.
Note:
Make sure to copy and save secret as it will not be shown again.
DataBee Configuration
Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.
Search for the ExtraHop Reveal(X) 360 and click it as shown below.
Click on the API Ingest option for collection method.
Enter feed contact information and click Next.
In the configuration page, confirm the following:
Authorization Method: OAuth2
API Base URL: replace <instance> with your instance value got from API Endpoint.
Client Key: paste the ID generated earlier.
Client Secret: paste the Secret generated earlier.
Token URL: replace <instance> with your instance value got from API Endpoint.
Event Types: preselected for all the event types that integration pulls.
Click Submit.
Troubleshooting Tips
If you are facing an invalid client error, it might be due to incorrect credentials. Please ensure that the ID and secret are pasted correctly. Since the secret cannot be viewed after the first time, re-create the API client, paste the generated credentials into a text editor to verify that there are no spaces or unexpected characters, and then reconfigure the DataBee feed.
Was this article helpful?