Threatlocker

Prev Next

This is a Discovery Connector.

Prerequisites

Before you create an API User, you will need to have Administrator Roles created.

For assistance with creating User Roles, refer to User Permissions | ThreatLocker Help Center (kb.help).

Collect Required Information from Vendor

  1. Log in to the Threatlocker Portal, go to the Administrators page and select the API Users tab.

  2. Select the New API User button, name it Calero and select the Generate API Token.

    IMPORTANT!

    You MUST copy/save this token for use when onboarding this connector (see below). It will not be visible again.

  3. Set the API Expiration date to 365 days.

  4. Give the token the following roles:

    • View organization

    • View computers

    • View reports

    • View system audit

    • View ThreatLocker threats

    • View ThreatLocker policies

    • View ThreatLocker remediations

    • View unified audit

  5. Give the token “All” organizations.

  6. Select the Create button.

Onboard This Discovery Connector

  1. Go to SaaS Management > Applications.
  2. Select Add Integration.
  3. Select the Discovery Apps tab, then select the card with the vendor's name.
  4. From the API tab, enter the details you captured above.
  5. Select the Authorize button.

SUCCESS!

You will now be redirected to the Integrations page in Calero.com, where the data sync will continue in the background, and you can monitor progress.

SUGGESTION:
Access Help through your Calero.com instance if links between articles return errors or if there are fewer sections in the Help menu than expected. Doing so will ensure you see all Help articles.