Crowdstrike NG SIEM

Integrating Keeper SIEM push to Crowdstrike NG SIEM

Overview

Keeper supports event streaming into Crowdstrike NG SIEM. External logging is real-time, and new events will appear almost immediately. Setup instructions are below.

1

Add the Data Connector

  • From the Crowdstrike dashboard, visit the Data onboarding > Data Connectors screen.

  • Select "+ Add connection" and search for Keeper

  • Click "Configure", assign a name, and then "Create connection".

Data connectors
2

Create the API Key

  • From the Data Connector screen, in the Keeper row click the overflow menu and then "Generate API Key".

  • Save the API Key and API URL for the next step.

Create API Key
Copy the API Key and API URL
3

Activate the Integration

  • From the Keeper Admin Console, go to Reporting & Alerts > External Logging

  • Select Crowdstrike Falcon Next-Gen

  • Provide the API Key and API URL from Step 2.

  • Click Test and then Save.

Setup Complete!

When SIEM logs are sent from Keeper to Crowdstrike, the data will begin to populate in the "Third Party" source within a few minutes.

Event Logs in Crowdstrike

PreviousAzure Sentinel (Deprecated)NextDatadog

Last updated

Was this helpful?