Hi Team,
Want to know. Does Chronicle SOAR has ability to setup a proxy for routing the network calls (i.e. within Integration/Action apps) to external APIs? If yes, any references/links about how/what/where.
Solved
Does Chronicle SOAR has ability to setup a proxy for routing the network calls?
+1- Bronze 1
Best answer by KyHud
Hey,
Bit of a tricky one - as global proxy'ing was removed as Chronicle moved to cloud based solutions away from on-prem.
For connectors - a number of connectors for ingest already support proxy methods (arcsight/cofense), so you maybe in luck that the ingest method you are wanting to use has proxy parameters which you can utilise.
For actions/connectors which are not governed by individual proxy settings, you could potentially utilize a remote agent. By routing actions or integration sets through a remote agent you would have control over the proxy settings of the underlying OS which may achieve what you are after - albeit not necessarily a method endorsed by Chronicle SOAR (as far as I can tell). You can find how to configure the remote agent (specifically proxy parameters) in this link here:
Apologies that there's not a straight forward answer for this one, and if in doubt it might be worth a support ticket as they may know a way/ be able to set something in your environment - to achieve your goals.
Cheers
K
+5- Bronze 2
- Answer
Hey,
Bit of a tricky one - as global proxy'ing was removed as Chronicle moved to cloud based solutions away from on-prem.
For connectors - a number of connectors for ingest already support proxy methods (arcsight/cofense), so you maybe in luck that the ingest method you are wanting to use has proxy parameters which you can utilise.
For actions/connectors which are not governed by individual proxy settings, you could potentially utilize a remote agent. By routing actions or integration sets through a remote agent you would have control over the proxy settings of the underlying OS which may achieve what you are after - albeit not necessarily a method endorsed by Chronicle SOAR (as far as I can tell). You can find how to configure the remote agent (specifically proxy parameters) in this link here:
Apologies that there's not a straight forward answer for this one, and if in doubt it might be worth a support ticket as they may know a way/ be able to set something in your environment - to achieve your goals.
Cheers
K
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.