Add the CrowdStrike Feed
Configure the CrowdStrike feed to be used as a source for Threat Command.
To add the CrowdStrike feed to Threat Command:
- Configure CrowdStrike:
- From CrowdStrike, open the Support > API Clients and Keys window.
- On the desired Oauth2 API client, click Edit (step A).
- Ensure that Read is selected for Falcon X (indicators).
- Copy the Base URL (step B).
- From CrowdStrike, open the Support > API Clients and Keys window.
- Configure Threat Command feed:
- From the TIP > Sources page, click CrowdStrike.
The feed configuration is displayed.
- Type the Client ID, Secret, and Base URL (from the previous step).
- Click Save, then Test Credentials.
- Enable the feed.
- From the TIP > Sources page, click CrowdStrike.
Did this page help you?