10-10-2024 06:30 AM
Hi Everyone,
I'd like to fetch incidents on Exabeam Advanced Analystics, however, when trying to create an instance I get the following error each time I specify the value Exabeam incident in the Fetch type:
Error in API call [400] - Bad Request {"message": "attempt to access uninitialized field", "stackTrace": [], "apiErrorCode": "INTERNAL_ERROR", "errorMessage": "\"Internal Error: attempt to access uninitialized field\"", "suppressed": []} (85)
But when only the value Exabeam Notable User is specified, I get no error and the instance works fine. Is there a workound I can use so that I can also fetch others incidents from Exabeam AA?
10-11-2024 04:45 AM
Usually it doesn't throw an error.
Could you please share the screenshot for instance configuration masking the sensitive details.
10-14-2024 03:16 AM - edited 10-14-2024 05:20 AM
It seems it's throwing this error because the Incident Responder module isn't used for incident management on Exabeam itself. But instead, the Case Manager is used for incident management. Regarding the configurations, the username and the API key were provided in other to fetch incidents as required by the integration documentation.
Do you have any idea if there is a documentation regarding the case manager APIs?
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
