Skip to main content

Druva Event Collector

This Integration is part of the Druva Pack.#

Supported versions

Supported Cortex XSOAR versions: 8.4.0 and later.

This is the Druva event collector integration for Cortex XSIAM.

Configure Druva Event Collector on Cortex XSIAM#

  1. Navigate to Settings > Integrations > Servers & Services.

  2. Search for Druva Event Collector.

  3. Click Add instance to create and configure a new integration instance.

    ParameterRequired
    Server URLTrue
    Client IDTrue
    Secret KeyTrue
    Trust any certificate (not secure)
    Use system proxy settings

  4. Click Test to validate the URLs, token, and connection.

Commands#

You can execute these commands from the Cortex XSIAM CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.

druva-get-events#

Gets events from Druva API in one batch (max 500). If tracker is given, only its successive events will be fetched.

Base Command#

druva-get-events

Input#

Argument NameDescriptionRequired
should_push_eventsSet this argument to true in order to create Cortex XSIAM events, otherwise the command will only display them. Possible values are: true, false. Default is false.Required
trackerA string received in a previous run, marking the point in time from which we want to fetch.Optional

Context Output#

There is no context output for this command.

Edit this page
Report an Issue