Set up the Cortex XSOAR connector to view Workbench alerts and automate incident response in the Cortex XSOAR console.
The steps below provide instructions on how to create a new user account and which
information is needed to complete setup in Cortex XSOAR.
 |
NoteCortex XSOAR integration requires a user account with certain permissions
including generating an authentication token. Trend Micro recommends creating a new user role and
user account specifically for Cortex XSOAR integration.
For more information, see Creating a User Role for Cortex XSOAR Integration.
|
Procedure
- Download Trend Micro Vision One from the Cortex XSOAR Marketplace and open the app settings in the Cortex XSOAR console.
- Create a Trend Vision One
user account to integrate with Cortex XSOAR:
- In the Trend Vision One console, go to .
- Click Add Account to create a new user
account.The Add Account panel opens.
- Set Role to a user role configured with the
recommended permissions for integration with Cortex XSOAR.For more information, see Creating a User Role for Cortex XSOAR Integration.
- Set Access level to APIs only.
- Click Add.
- Copy the user account authentication token:
- Click the name of the user account you created.The Edit Account panel opens.
- Click Generate a new authentication token.
- Copy the Authentication token and paste into Cortex XSOAR.
- Click the name of the user account you created.
- Go to and click Cortex XSOAR.
- Copy the Endpoint URL and paste into Cortex XSOAR.Cortex XSOAR begins syncing with Trend Vision One.
Note
After successfully installing the Cortex XSOAR connector, Cortex XSOAR begins pulling data from Trend Vision One. The add-on does not pull preexisting data. You may need to allow some time before new data starts to appear.