> For the complete documentation index, see [llms.txt](https://docs.dropzone.ai/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.dropzone.ai/unlinked/exabeam.md).

# Exabeam

{% hint style="info" %}
Exabeam is an SIEM integration. SIEM integrations are used to perform analysis of any SIEM generated alerts, and/or to use generated data as part of investigation analysis.
{% endhint %}

The Dropzone platform integrates with the [Exabeam](https://www.exabeam.com/) security SIEM. Many customers ingest other alert sources into Exabeam (e.g. IDPs) and integrate Dropzone into Exabeam rather than the source systems.

## Create an API Key

Exabeam requires an API key to enable. To create an API key, you must be an administrator with full access to your account.

To obtain an API Key, do the following:

* As an administrator, open your Exabeam Platform
* In the lower-left, navigate to Settings > API Keys
* Click "+ New Keys" (or, if there are no existing API keys, "New API Keys")
* Name the key something memorable, such as "Dropzone AI"
* Add the following permissions
  * Search, Analyze and Export (read)
  * Threat Center alerts and cases (read)

{% hint style="info" %}
If you use context management tables, also add the `Context Management` read permission
{% endhint %}

* Click "Create"
* Copy the Key ID and Key Secret values generated for use later in the Dropzone UI, where they are called "Client ID" and "Client Secret," respectively
* Click "Ok, great!"

## Enable Exabeam

To enable the Data Source integration, you will need the following information:

| Dropzone Field | Source                                                                                                                                                                                |
| -------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| API Base URL   | Your region-specific Exabeam base URL, e.g. <https://api.us-west.exabeam.cloud>. Click [here](https://developers.exabeam.com/exabeam/docs/exabeam-api-base-urls) for more information |
| Client ID      | The Key ID value you generated earlier                                                                                                                                                |
| Client Secret  | The Key Secret value you generated earlier                                                                                                                                            |

* Navigate to your Dropzone AI tenant home page e.g. https\://*mycompany*.dropzone.app
* In the bottom left hand corner, navigate to Settings > Integrations
* Click "Available"
* In the Search bar, search Exabeam, then click "Configure"
* Input the API Base URL, Client ID, and Client Secret
* Click "Test & Save" to finish

If you have any errors engage your Dropzone AI support representative.


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.dropzone.ai/unlinked/exabeam.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.