Crowdstrike Falcon
This guide addresses the procedures required to allow Fluency Cloud to integrate with Crowdstrike Falcon, and read data via the API.
Creating an OAuth2 API Client in Falcon
Login to your Crowdstrike Falcon account.
To create an API Client, open the Main Menu from the upper left-hand corner and choose the API Client and Keys option under the Support section.
In the OAuth API Client section of the next page, choose the "+ Add new API Client" option on the right.
Provide a Client Name and Description for the API Client
As this is a read-only integration, please select ALL of the check boxes under the "Read" column. Click "Add" to save the configuration and create the client.
The API Client credentials will be shown. Please make a note of the Client ID, Secret, and the Base URL fields. These values will be needed to complete the integration on Fluency Cloud.
Configuring a Crowdstrike API integration Plugin in Fluency
Login to the Fluency Cloud portal: https://(companyname).cloud.fluencysecurity.com.
Open the Main Menu from the upper left-hand corner and choose the Cloud Integrations option under the Data Ingress section.
On the following page, navigate to the Endpoint Management section.
To Add an API, choose the Crowdstrike icon from the group on the left side of the page to create a new endpoint:
NOTE: If an endpoint was setup previously, you can also select and modify it from the rigt side of the page.
On the following page, provide a customer name for this integration (or use "default"). This can just be the short name of your organization. (The value will be only used within Fluency.)
Using the Client ID, Client Secret, and the Base URL from the Falcon interface in the previous step, fill out the rest of the form.
Click "SAVE" to save this configuration.
Page last updated: 2023 Aug 08