Red Canary

Red Canary Integration Overview

With Perch’s integration to Red Canary, you can store, search, and visualize all threats detected by Red Canary within Perch. You can also let Perch Security Analysts triage threats detected by Red Canary alongside all your data in Perch.

Red Canary Integration Setup

In Perch, navigate to Settings > Red Canary.
Click INSTALL.
Create a shared secret key and enter it in the Shared Secret (Authorization) field. Save this key in a text file to complete the setup in Red Canary.
Copy the webhook URL in a text file.
Click Enable log collection.
Click Save.

Configure the Red Canary Playbook

In Red Canary, navigate to the playbooks you want to send the webhook request to Perch.
Click Add Action.
Navigate to Webhook/API > Invoke Webhook or API > Add to Playbook.
Select POST as the HTTP method.
Enter the URL you copied in step 4.
Select Yes in the Allow Connections to Untrusted Servers field.
Enter Content-Type=application/json in the HTTP Headers field.
Enter Authorization= and the secret key you created in step 3 in the HTTP Headers field.
Select All Attributes as JSON in the Payload drop-down.
Click Save.
Repeat the steps for all the playbooks you want to send data to Perch. Review the Red Canary integration documentation for more information.

Auth0

Auvik

AWS CloudTrail

Bitdefender

Carbon Black

Cisco AMP For Endpoints

Cisco Duo

Cisco Meraki

Cisco Umbrella

ConnectWise Automate

ConnectWise Automate Advanced Monitoring

ConnectWise Control

ConnectWise Manage

Datto Autotask PSA

Freshdesk

Google Workspace / G Suite

Kaseya VSA

Mailgun

Microsoft Defender ATP

Microsoft Teams

Microsoft/Office 365

Okta

Proofpoint

Red Canary

Salesforce

SentinelOne

ServiceNow

Slack

SMS

Sophos Central

Supported Data Sources

Webhooks

Webroot SecureAnywhere

Red Canary Integration Overview

Red Canary Integration Setup

Configure the Red Canary Playbook

Related Articles