Skip to main content

Cloud-delivered Incident ResponderIncident Responder Documentation

Configure the Exabeam Cloud Search Service

Configure the cloud-native Search application as an Incident Responder service to search logs and run queries in the Exabeam Security Operations platform.

You must have Incident Responder i62.5.

  1. In the sidebar, click SETTINGSA grey gear icon, then select Core.

  2. Under SERVICE INTEGRATIONS, select Services.

  3. Select a service:

    • To configure a specific service, hover over a service, then click CONFIGURE. Use the search by vendor or filter by action to find a service.

    • To manually provide the relevant information for a service, click Configure a new serviceA dark blue plus sign..

    • To view all actions for a service, hover over a service, then click the information icon An icon of a grey i inside a grey circle..

  4. Enter information about the service:

    • Service Name – Enter a unique name for the service. By default, the service name is Exabeam Cloud Search.

    • (Optional) Description – Describe the service.

    • (Optional) Owner – Enter the email address of the person or group responsible for the service. 

    • Host – Enter the API base URL of your deployment region, without https:// and a slash at the end; for example, api.us-west.exabeam.cloud.

    • API Response Limit – Enter the number of search results to display in action outputs, up to 200. If you don't enter a number, the action returns 200 results by default.

  5. To validate the source, select TEST CONNECTIVITY.

  6. Click CREATE SERVICE.