XSOAR Security Management

XSOAR is an extended security orchestration, automation and response platform with native threat intel management.

By installing the Humio Add-on in XSOAR, XSOAR can be configured to automatically:

  • Query Humio for incidents.

  • Enrich incidents with additional contextual data.

  • Respond to incidents by setting up new Humio alerts.


You can integrate Humio and XSOAR by installing the Humio add-on in your XSOAR system, which is located under Settings --> Integrations --> Servers & Services page in XSOAR under the name Humio.

Here you will need to add a Humio instance and configure it as described in XSOAR's Documentation on Humio Integration. Configuration requires an API key for your Humio instance, which is located under the /settings page in the Humio UI. Example https://humio.example.com/settings.