Darktrace Event Collector

Use this integration to fetch model breaches from Darktrace as events in XSIAM.

Analytics & SIEM · Darktrace

Configuration parameters

  • base_url — Server URL (e.g., https://example.cloud.darktrace.com) (required)
  • insecure — Trust any certificate (not secure)
  • proxy — Use system proxy settings
  • public_creds — (required)
  • private_creds — (required)
  • max_fetch — Max events per fetch
  • first_fetch — First fetch timestamp (<number> <time unit>, e.g., 12 hours, 7 days)

Commands (1)

  • darktrace-get-events

    Gets events from Darktrace.