SIEM Rules Integrations

Explore the main API and export paths SIEM Rules provides for interoperability with wider security workflows.

Overview

Integrations describe how SIEM Rules connects to wider workflows. These pages focus on interoperability, export surfaces, and API-led usage rather than broader solution positioning.

• REST API

  Use SIEM Rules programmatically from internal tools, pipelines, and engineering workflows.

• TAXII API

  Work with standards-oriented sharing and downstream intelligence workflows.

• STIX Bundle Export

  Export rule-related data in a machine-readable format that fits wider CTI and automation workflows.

• OpenCTI Integration

  Import SIEM Rules data into OpenCTI through the dedicated external-import connector and TAXII-driven workflow.