Cortex XSOAR (formerly Demisto) Integration
Create iLert alerts directly from Cortex XSOAR (formerly Demisto).
Cortex XSOAR is the industry’s only extended security orchestration, automation and response platform that unifies case management, automation, real-time collaboration and threat intelligence management to transform every stage of the alert lifecycle. Teams can manage alerts across all sources, standardize processes with playbooks, take action on threat intelligence and automate response for any security use case, resulting in significantly faster responses that require less manual review.

In iLert

Create an alert source

    Go to the "Alert sources" tab and click "Create new alert source".
    Enter a name and select your desired escalation policy. Select "Cortex XSOAR" as the Integration Type and click on Save.
    On the next page, an API Key is generated. You will need this API Key below when setting up the Cortex XSOAR integration.

In Cortex XSOAR Server

Add Integration

    Go to Cortex XSOAR, then to Settings -> Integrations, search for the iLert integration and click the Add instance button.
    In the modal window, name the instance, paste the API Key that you generated in iLert, and click the Save & exit button.
    Run an available iLert command to test the integration, e.g.:
!iLert-submit-event summary="Test alert"


Can I connect Cortex XSOAR with multiple alert sources from iLert?
Yes, simply add more integration instances in Cortex XSOAR.