Integrate Exabeam with AiStrike for ingestion of alerts and security events, threat hunting, and detection engineering — covering API authentication, basic user authentication, and IP access configuration.
1. API authentication
-
Log in to Exabeam with Admin permissions.
-
Go to Exabeam Security Operations Platform → Settings → API Keys.
-
Provide a key name and add read/write permissions for Search, Analyze, Export, Threat Center, correlation rules, and Access Control.
-
Click Create, then securely copy the token for the AiStrike connector.
-
Share the Exabeam URL and region (based on where your instance is hosted).
API for incidents & context management (Tier 3 Analyst)
-
In the Exabeam Console, go to Settings → Core → Admin Operations and select Cluster Authentication Token.
-
Click Add Token, provide a name and expiry (manual or permanent).
-
Under Permission Level → Default Roles, select Tier 3 Analyst (Advanced Analytics), then click Add Token.
-
Store the generated key securely.
2. IP access restrictions
Log in as an administrator (New-Scale Security Operations Platform), go to Settings → Access Control → IP-Based Access, add the AiStrike connector IPs, and grant access to UI & Public API:
3.135.165.25/32 3.148.24.98/32 3.148.93.249/32
3.14.192.137/32 13.201.28.59/32 18.223.178.199/32
52.15.138.222/32 54.246.180.34/32 63.35.37.74/32
54.220.227.162/32
Click Add to finish. Once saved and connectivity is established, AiStrike begins fetching data.
3. Connector configuration
|
Field |
Details |
|---|---|
|
Server URL |
e.g. |
|
API Region (optional) |
e.g. |
|
API Key Secret |
Token generated for AiStrike |
|
API Key ID |
Key ID for the API token |
|
Username (optional, UI) |
|
|
Password (optional, UI) |
Password for that user |
4. (Optional) Basic authentication
Go to Settings → Users → Add New User, create a local user (e.g. AiStrike_User, email threat@aistrike.com) with a password, set the permission level to Administrator or Security Engineer, and securely share the credentials.