Anomali ThreatStream

Version: 1.2
Updated: Jun 27, 2023
Anomali ThreatStream (previously known as ThreatStream Optic) is a threat intelligence management platform that automates the collection and processing of raw data, filters out the noise, and transforms it into relevant, actionable threat intelligence for security teams. This integration allows you to pull threat intelligence from the ThreatStream platform, import observables into ThreatStream, manage threat model entities and investigations, and so on.
- Search Into Observables (Enrichment) - To retrieve threat intelligence from ThreatStream.
- Add Observable (Containment) - To import structured threat data (observables) into ThreatStream, without requiring approval of the imported data through the ThreatStream UI.
- Update Observable Tags (Containment) - Enables you to add observable tags in bulk.
Configure Anomali ThreatStream in Automation Service and Cloud SOAR
Before you can use this automation integration, you must configure its authentication settings so that the product you're integrating with can communicate with Sumo Logic. For general guidance, see Configure Authentication for Automation Integrations.
How to open the integration's configuration dialog
- Access App Central and install the integration. (You can configure at installation, or after installation with the following steps.)
- Go to the Integrations page.
  - Classic UI. In the main Sumo Logic menu, select Automation and then select Integrations in the left nav bar.
  - New UI. In the main Sumo Logic menu, select Automation > Integrations. You can also click the Go To... menu at the top of the screen and select Integrations.
- Select the installed integration.
- Hover over the resource name and click the Edit button that appears.
In the configuration dialog, enter information from the product you're integrating with. When done, click TEST to test the configuration, and click SAVE to save the configuration.

For information about Anomali ThreatStream, see Anomali documentation.
Change Log
- November 10, 2022 - First upload
- June 26, 2023 (v1.1) - Updated the integration with Environmental Variables
- June 27, 2023 (v1.2) - Removed leading/trailing spaces