CrowdStrike Falcon Spotlight

CrowdStrike Falcon Spotlight is a Security input connector. Connect to your CrowdStrike API to start collecting vulnerability data. Create a CrowdStrike Client ID and Client Secret with the Web UI permissions before connecting.

IP Allowlists

You might need to add the Monad IP range of to your CrowdStrike Falcon Spotlight allowlist, so Monad can connect to it.

Create CrowdStrike Credentials

Before you connect Monad to CrowdStrike, you need a Client ID and Client Secret.

You will need a CrowdStrike Falcon administrator account.

  1. On the CrowdStrike Falcon Platform, navigate to API Clients and Keys.
  2. In the OAuth2 API Clients table, click Add new API client.
  3. Enter Client Name, Description and API Scopes to define the API client. Ensure all read roles are enabled.
  4. Click Add to save the API client and generate the client ID and secret key.

Set up a CrowdStrike Falcon Spotlight input connector in Monad

To set up a CrowdStrike Spotlight connector, you need a Client ID and a Client Secret. Once you have this information, you set up the connector:

  1. Log in to your Monad account, and click Add connector.
  2. Select the CrowdStrike Spotlight connector.
  3. Optionally, change the default name for the connector. This name serves as a label for the connector in the Monad app, and you can change it later.
  4. Enter the credentials you created.
  5. Select the region to use. The default is “US1” and should be used if you’re unsure.
  6. (Optional) - set your connector schedule
  7. Click Connect.

That’s it! Monad tests the connection to CrowdStrike Spotlight. If the account is configured correctly, you’re ready to pull your CrowdStrike data into Monad!

This page was last modified: 15 Nov 2023