Integration Notes

Revelstoke + Armis Integration

How It Works

Revelstoke ingests alerts if suspicious activity is detected in IOT Devices. A new alert in Armis will trigger creation of an alert in Revelstoke. Revelstoke allows management of Armis alerts and searches on endpoints, events, and queries.

Requirements

The Armis integration requires an Armis account.

Support

If you need any help getting the Armis integration up and running, please do not hesitate to reach out to us via email at [email protected]

Integration Walkthrough

In Armis

Revelstoke integrates with Armis as a Custom API. To connect, you must generate an API Secret Key in your Armis portal.

Settings > API Management > Create API Secret Key

In Revelstoke

1. In your Revelstoke account, navigate to the integrations page

2. Select Add Integration Instance

3. Select the Armis integration

4. Enter the following required fields:

  • Name
  • Base URL of API Platform
  • Client Secret
  • Results Limit 

5. Enter the following optional fields if desired:

  • Default Alert Category
  • Execute on a Schedule
  • Enabled

6. Click Save

How to Disable

To stop the Revelstoke project from ingesting alerts from Armis, you will need to disable the Armis integration in Revelstoke.

  1. Select the Revelstoke project that is configured to ingest Armis alerts.
  2. Navigate to the Integrations page.
  3. Under the Armis section click the Pencil icon.
  4. Uncheck Enabled and then Save to stop creating alerts.

How to Remove

  1. In your Revelstoke account, navigate to the Integrations page.
  2. Select the Trash icon.
  3. Select Yes, delete to remove Armis instance from Revelstoke