Supported Cortex XSOAR versions: 6.10.0 and later.
Collects Vectra Detections and Audits into XSIAM Events. This integration was integrated and tested with version 2.2 of Vectra.
Navigate to Settings > Configurations > Data Collection > Automation & Feed Integrations.
Search for Vectra Event Collector.
Click Add instance to create and configure a new integration instance.
Parameter Description Required Your server URL True API Token The API Token to use for authentication. True First fetch time False Fetch Limit Maximum amount of detections to fetch. Audits API does not include a fetch limit therefore this configuration is only relevant to detections. False Trust any certificate (not secure) False Use system proxy settings False
Click Test to validate the URLs, token, and connection.
You can execute these commands from the Cortex XSIAM CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
Fetches events (detections and audits) from Vectra.
|If true, the command will create events, otherwise it will only display them. Possible values are: true, false.
There is no context output for this command.