Connectors

XSOAR

Setting Up Integration Between XSOAR and Platform Using Generic Webhooks

1. Login to XSOAR

  • Access your XSOAR instance using your login credentials.

2. Go to Marketplace and Install Generic Webhooks

  • Navigate to the Marketplace within XSOAR.

  • Search for “Generic Webhooks”.
  • Install the “Generic Webhooks” integration.

3. Go to Settings > Integrations > Instances

  • Navigate to Settings.

  • Click on Integrations.
  • Select Instances.

4. Search for Generic Webhooks and Add Instance

  • Search for “Generic Webhooks” in the instances list.
  • Click Add instance.

5. Instance Settings

  • Add Name: Enter a unique name for the instance.
  • Listen Port: Enter a free port number that is not currently in use.

6. Verify Server Configuration

  • Navigate to Settings > About > Troubleshooting.
  • In the Server Configuration section, verify that the value for the instance.execute.external.<INTEGRATION-INSTANCE-NAME> key is set to true.
  • If this key does not exist:
    • Click + Add Server Configuration.
    • Add instance.execute.external.<INTEGRATION-INSTANCE-NAME> and set the value to true.
  • Refer to the reference article for further information.

7. Test the Instance

  • Click Test.
  • Wait for the success message.

8. Save and Exit

  • Click Save.
  • Exit the instance setup.

9. Generate API Key

  • Navigate to Settings > Integrations > API Key.

  • Click Generate your key.

  • Enter previously set instance name in the Name Field of the API Generator and click Generate Key.

  • Copy And Save the generated key for future use.

In the Platform (Bolster Platform):

1. Login to the Platform:

2. Navigate to Automation:

  • Click on the Integration tab, Go to Cortex XSOAR.

3. Create New Connector:

  • In the New Cortex XSOAR Connector popup, provide a name for the connector.
  • In the URL field, paste the XSOAR URL (URL breakdown – after your Cortex URL add – /incident/upload/{incident ID} .
  • In Token Value fields, paste the API key fetched From Cortex

4. Test and Save Connector:

  • Click on Test Connector to ensure everything is set up correctly.
  • Once the test is successful, click Save.

By following these steps, you can successfully set up a connection to send data from your platform to a XSOAR Incident using webhooks. This integration allows for automated data transfers and notifications directly within your XSOAR environment.

Verify the data from platform in XSOAR

  1. Create an automation playbook in the platform by clicking on “NEW PLAYBOOK
  2. Provide the all the necessary details in the form
  3. In define connectors in the form
  4. In define connectors, choose above created connector
  5. Run the playbook
  6. Observe the result in the XSOAR

NOTE – Export Format on playbook should always be JSON for this guide to work

Final Result

Updated on August 7, 2024
Was this article helpful?
Yes No
Thanks for your feedback
Related Articles
Microsoft 365 Exchange/Defender Connector

This page captures detail step to be follow by Bolster Customer to successfully integrate Microsoft 365 Exchange/Defender with Bolster platform.…
Slack

Playbook Connectors for Slack You can add connectors to Slack channels so that playbooks can route data to those channels.…
API

Playbook Connector for APIs The playbook connector for APIs allows you to define custom HTTP requests to deliver your playbook…