Axonius Documentation
  1. Connecting Adapters
  2. Adapters D-E

Exabeam Cloud

Exabeam Cloud is a cloud-based Security Information and Event Management (SIEM) solution.

Asset Types Fetched

  • Devices

Before You Begin

APIs

Axonius uses the Exabeam API.

Required Permissions

  • Read permissions

Supported From Version

Supported from Axonius version 6.1

Connecting the Adapter in Axonius

Required Parameters

  1. Host Name or IP Address - The hostname or IP address of the Exabeam Cloud server.

  2. Client ID and Client Secret - The credentials for a user account that has the Required Permissions to fetch assets. For information on how to generate an API Key, see Authentication.

Optional Parameters

  1. Verify SSL - Select whether to verify the SSL certificate of the server against the CA database inside of Axonius. For more details, see SSL Trust & CA Settings.

  2. HTTPS Proxy - Connect the adapter to a proxy instead of directly connecting it to the domain.

  3. HTTPS Proxy User Name - The user name to use when connecting to the value supplied in Host Name or IP Address via the value supplied in HTTPS Proxy.

  4. HTTPS Proxy Password - The password to use when connecting to the server using the HTTPS Proxy.

To learn more about common adapter connection parameters and buttons, see Adding a New Adapter Connection.

Advanced Settings

📘

Note

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Only fetch devices seen in the last X number of day(s) (default: 30) - Enter a number of days. This setting enables you to fetch only devices and corresponding information if they were seen by Exabeam Cloud in the number of days set.
  2. Time window batch size (optional) - Enter an integer number defining the size of the time window batch.
  3. Time window batch unit - (optional) - Select the time unit to apply to the number you entered in the previous field: Hours, Minutes, or Seconds.
    • Example: If the value of Time window batch size is 5 and the value of Time window batch unit is Minutes - the time window of the batch will be 5 minutes.
  4. Maximum devices per API call - (optional, default: 3000) - Define the maximum number of devices allowed per API call.
  5. Fields to fetch (default: host, product, vendor) - From the dropdown, select the fields to fetch from the API. The adapter will fetch the host, product, and vendor by default.
  6. Advanced hostname source mapping (JSON) (optional) - Configure a field to use as the device hostname source. Use the following format: 
    {
    "target_field": "product_name",
    "conditions": [
        {
            "target_value": "Azure SQL",
            "hostname_field": "db_name"
        },
        {
            "target_value": "Example 2",
            "hostname_field": "case2fieldName"
        }
    ]
}
📘

Note

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

Updated 8 days ago