How It Works
Revelstoke ingests alerts if suspicious activity is detected in IOT Devices. A new alert in Armis will trigger creation of an alert in Revelstoke. Revelstoke allows management of Armis alerts and searches on endpoints, events, and queries.
Requirements
The Armis integration requires an Armis account.
Support
If you need any help getting the Armis integration up and running, please do not hesitate to reach out to us via email at info@revelstoke.io
Integration Walkthrough
In Armis
Revelstoke integrates with Armis as a Custom API. To connect, you must generate an API Secret Key in your Armis portal.
Settings > API Management > Create API Secret Key
In Revelstoke
1. In your Revelstoke account, navigate to the integrations page
2. Select Add Integration Instance
3. Select the Armis integration
4. Enter the following required fields:
- Name
- Base URL of API Platform
- Client Secret
- Results Limit
5. Enter the following optional fields if desired:
- Default Alert Category
- Execute on a Schedule
- Enabled
6. Click Save
How to Disable
To stop the Revelstoke project from ingesting alerts from Armis, you will need to disable the Armis integration in Revelstoke.
- Select the Revelstoke project that is configured to ingest Armis alerts.
- Navigate to the Integrations page.
- Under the Armis section click the Pencil icon.
- Uncheck Enabled and then Save to stop creating alerts.
How to Remove
- In your Revelstoke account, navigate to the Integrations page.
- Select the Trash icon.
- Select Yes, delete to remove Armis instance from Revelstoke
