ExtraHop Reveal(x)
  • 23 Aug 2023
  • 2 Minutes to read
  • Dark
    Light
  • PDF

ExtraHop Reveal(x)

  • Dark
    Light
  • PDF

Article summary

ExtraHop Reveal(x) is a network detection and response (NDR) solution that provides visibility, real-time threat detection, and response.

Parameters

  1. Domain (required) - The hostname or IP address of the ExtraHop Reveal(x) server.
  2. API Key (required) - An API Key associated with a user account that has one of the following privilege a user account that has the Required Permissions to fetch assets.
  3. Verify SSL (required, default: False) - Verify the SSL certificate offered by the value supplied in Domain. For more details, see SSL Trust & CA Settings.
    • If enabled, the SSL certificate offered by the value supplied in Domain will be verified against the CA database inside of Axonius. If the SSL certificate can not be validated against the CA database inside of Axonius, the connection will fail with an error.
    • If disabled, the SSL certificate offered by the value supplied in Domain will not be verified against the CA database inside of Axonius.
  4. HTTPS Proxy (optional, default: empty) - A proxy to use when connecting to the value supplied in Domain.
    • If supplied, Axonius will utilize the proxy when connecting to the value supplied in Domain.
    • If not supplied, Axonius will connect directly to the value supplied in Domain.
  5. For details on the common adapter connection parameters and buttons, see Adding a New Adapter Connection.

image.png

Advanced Settings

Note:

Advanced settings can either apply for all connections for this adapter, or you can set different advanced settings and/or different scheduling for a specific connection, refer to ​Advanced Configuration for Adapters.

  1. Calculate last seen using only "Last Seen Time” - Select this option to only use the field "Last Seen Time" to determine the last seen of the device. Otherwise the system uses the most recent value from the fields mod_time, discover_time, user_mod_time, last_seen_time.
  2. Exclude devices without IP addresses - Select this option so that the adapter will not fetch devices without an IPV4 IP address.
Note:

To learn more about Adapter Configuration tab advanced settings, see Adapter Advanced Settings.

APIs

Axonius uses the ExtraHop REST API v1.

Required Permissions

The value supplied in API Key must be associated with a user account that has one of the following privilege levels that enables them to fetch assets, achieved by 'Perform all GET operations through the REST API':

  • "write": "personal"
  • "write": "limited"

To generate an API Key, see ExtraHop REST API - Generate an API Key.


Version Matrix

Axonius should be compatible with any version of the ExtraHop Reveal(x) that works with ExtraHop REST API v1. Please contact Axonius Support if you have a version that is not functioning as expected.


Was this article helpful?