Skip to main content

Context ManagementContext Management Administration Guide

Create a STIX/TAXII Context Table

The most efficient way to onboard a STIX/TAXII context table is actually to start in the Cloud Collectors application. Because only one STIX/TAXII context table can be connected to a STIX/TAXII cloud collector, you can automatically create both in a single procedure as follows:

  1. Log into the New-Scale Security Operations Platform with your registered credentials.

  2. Find the Collectors tab and click the Cloud Collectors tile.

  3. Navigate to the Collectors tab at the top of the page and click the STIX/TAXII tile. The STIX/TAXII (Context) panel opens

  4. Enter all of the required information to identify the STIX/TAXII source you want to collect data from. For more information, see the STIX/TAXII Cloud Collector section of the Cloud Collector Administrative Guide.

  5. At the bottom of the panel, toggle on the option to Automatically create a Context Table.

    auto-create-stix.png
  6. Click Install to create the collector and the context table. When the context table is created, the available STIX/TAXII source attributes are automatically mapped to a set of Exabeam Common Information Model target attributes. For an easy-to-read table of default attribute mapping, see one of the following:

  7. Navigate to the Context Management application and find the newly created context table on the Overview tab.

  8. Click on the table row to open the table and view the data. Validate the data being collected.