ExtraHop RevealX 360
  • 18 Mar 2025
  • 2 Minutes to read
  • Dark
    Light

ExtraHop RevealX 360

  • Dark
    Light

Article summary

ExtraHop Reveal(x) 360 is a SaaS-based security solution providing unified visibility and protection across hybrid and multicloud environments. ExtraHop helps detect and mitigate threats such as ransomware and software supply chain attacks. For detailed information, refer to the ExtraHop’s official documentation.

Integration Method: API

Tables: Device Inventory Info (5001), Detection Finding (2004)

This integration supports the following events.

Event

Description

Alerts

Retrieves list of all alerts from Reveal(x) 360.

Devices

Retrieve the device list from Reveal(x) 360.

This integration supports the following versions.

ExtraHop API

v1

Note:

ExtraHop Reveal X 360 doesn’t follow a traditional versioning system. Instead, it is a continuously updated cloud service.

Prerequisites

  • The user should have system and access administration privileges of ExtraHop.

  • The user should have access to the DataBee console.

Configuration Overview

  1. Create REST API Credentials with required permissions to fetch the data.

  2. Create ExtraHop Reveal X 360 data feed in the DataBee console with the required Client credentials.

    DataBee Parameter

    ExtraHop Parameter

    API Base URL <instance>

    API Endpoint

    Client Key

    ID

    Client Secret

    Secret

    Token URL <instance>

    API Endpoint

ExtraHop Configuration

  1. Login to the ExtraHop Reveal(X) 360 Dashboard.

  2. From the Settings icon of top right corner, navigate to System Settings and then select All Administration.

  3. From “All Administration” page, navigate to API Access.

  4. Enable the Manage API Access then click Create Credentials.

  5. Click on Create Credentials, enter the Credential ‘Name’, select the following access rights, and then click on Save.

    Access Type

    Access

    System Access

    Full read-only

    NDR Module Access

    Full access

    NPM Module Access

    Full access

  6. Make sure to copy the credentials and save them in your machine for later use.
    Example API Endpoint: https://yourInstance.api.cloud.extrahop.com
    Here, in the above example, ‘yourInstance’ represents the instance value.

    Note:

    Make sure to copy and save secret as it will not be shown again.

DataBee Configuration

  1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.

  2. Search for the ExtraHop Reveal(X) 360 and click it as shown below.

  3. Click on the API Ingest option for collection method.

  4. Enter feed contact information and click Next.

  5. In the configuration page, confirm the following:

    • Authorization Method: OAuth2

    • API Base URL: replace <instance> with your instance value got from API Endpoint.

    • Client Key: paste the ID generated earlier.

    • Client Secret: paste the Secret generated earlier.

    • Token URL: replace <instance> with your instance value got from API Endpoint.

    • Event Types: preselected for all the event types that integration pulls.

  6. Click Submit.

Troubleshooting Tips

  • If you are facing an invalid client error, it might be due to incorrect credentials. Please ensure that the ID and secret are pasted correctly. Since the secret cannot be viewed after the first time, re-create the API client, paste the generated credentials into a text editor to verify that there are no spaces or unexpected characters, and then reconfigure the DataBee feed.


Was this article helpful?

What's Next
Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.
ESC

Eddy AI, facilitating knowledge discovery through conversational intelligence