CrowdStrike integration

If you’re new to integrations in Rewst, read through our introductory integration documentation here.

What does the CrowdStrike integration do?

Our CrowdStrike integration enables advanced thread detection and endpoint security management. Use the CrowdStrike Falcon API within Rewst workflows to perform actions such as retrieving detections and managing devices.

Set up the CrowdStrike integration

Set up steps in CrowdStrike

Log in to your CrowdStrike Falcon Account.
Click on the Hamburger Icon in the left-hand corner to expand the sidebar.
Click Support and Resources.
Click API clients and Keys.
Click Add new API Client on the center-right of the screen.
Enter a Client Name and Description.
Choose the permissions you'd like to give Rewst.
Click Add to save the new API Client.
Save the values listed for the API URL, Client Key, and Client Secret in a secure location. Once you migrate away from this page, you'll no longer be able to view them. This information will be needed for further steps in Rewst.

Set up steps in Rewst

Navigate to Configuration > Integrations in the left side menu of your Rewst platform.
Search for CrowdStrike in the integrations page.
Click on the integration tile to launch the configuration setup page.
Under Parameters, enter the information copied from CrowdStrike into the relevant fields:
1. API URL
2. Client Key
3. Client Secret
Click Save Configuration.
Rewst will do a quick validation of your input. Once completed, you'll see a new section beneath the configuration form for organization mapping. Complete your mapping as desired.

Got an idea for a new Integration? Rewst is constantly adding new integrations to our integrations page. Submit your idea or upvote existing ideas here in our Canny feedback collector.

Actions and endpoints

For more on how actions work in Rewst, check out our introductory actions documentation here.