Login
        Contents x
        Integrate ExtraHop RevealX with Red Canary
        • 21 Jul 2025
        • 1 Minute to read
        • PDF
        Contents

        Integrate ExtraHop RevealX with Red Canary

        • Updated on 21 Jul 2025
        • 1 Minute to read
        • PDF
        Article summary

        Integrating ExtraHop RevealX with Red Canary provides a powerful combination of advanced network detection and response capabilities. By combining our expert threat hunting and incident response with ExtraHop’s real-time network visibility and threat detection you can significantly enhance your ability to identify, investigate, and neutralize complex cyberattacks. To integrate ExtraHop RevealX with Red Canary, follow the procedure below from beginning to end.

        Step 1: ExtraHop RevealX–Create REST API credentials

        Red Canary uses your representational state transfer (REST) API credentials to make REST calls to your cloud instance in order to start receiving your alerts.

        1. From your ExtraHop dashboard, click system settings.

        2. From the Administration section, click API Access.

        3. Click Create Credentials.

          1.png

        4. Name your REST API Credential.

        5. From the System Access section, select Full read-only.

        6. From the NDR Module Access section, select Full access.

        7. From the NPM Module Access section, select Full access.

        8. From the Packet And Session Key Access section, select No access.

        9. Click Save.

        10. Copy and save the API Endpoint, ID, and Secret for your REST API Credentials.

          3.png

        Step 2: Red Canary–Connect ExtraHop RevealX API REST credentials to Red Canary

        Connect your ExtraHop API REST credentials to Red Canary to start sending your alerts.

        1. From your Red Canary homepage, click Integrations, and See all integrations.

        2. Type and select ExtraHop RevealX.

        3. Click Configure.

        4. Enter a Name for your external alert source.  

        5. Select a Display Category.

        6. Under the Ingest Format/Method dropdown, select ExtraHop via API Poll.

        7. Enter your ExtraHop Client ID from Step 1.10.

        8. Enter your ExtraHop Client Secret from Step 1.10.

        9. Enter your ExtraHop API Host from Step 1.10.

          5.png

        10. Click Save Configuration.

        11. Click Edit Configuration.

        12. Click Activate.

        Was this article helpful?
        What's Next
        Change password!
        Changing your password will log you out immediately. Use the new password to log back in.
        Change profile
        Success!
        First name must have atleast 2 characters. Numbers and special characters are not allowed.
        Last name must have atleast 1 characters. Numbers and special characters are not allowed.
        Enter a valid email
        Enter a valid password
        Your profile has been successfully updated.
        Logout