Bootstrap EclecticIQ Platform Integration

Start the resilient-circuits integration module, register the integration, and test it.

Bootstrap the app

  1. Open a terminal session, log in to IBM Resilient with SSH, and start the integration module:

    # Run this command to start the integration.
    resilient-circuits run
    # Successful response.
    resilient-circuits has started successfully and is now running...
    Subscribe to message destination 'eclecticiq_sighting'
    Subscribe to message destination actions.201.eclecticiq_sighting

  2. Open a new terminal session, log in to IBM Resilient with SSH, and register EclecticIQ Platform Integration as a threat source in IBM Resilient:

    sudo resutil threatserviceedit -name "EclecticIQ Platform" -resturl http://${resilient_circuits_url}:9000/cts/eiq

    In the command parameters, replace the ${resilient_circuits_url} placeholder with the IP address previously assigned to host in the [resilient] stanza of the app.config file.

Test the integration

To test the threat service integration:

  • Open a terminal session in IBM Resilient, and then run the following command:

    # Run this command to test the integration
    sudo resutil threatservicetest -name "EclecticIQ Platform"
     
    # Successful response
    Successfully connected to EclecticIQ Platform

To verify that the integration is enabled:

  1. Open a web browser, and log in to IBM Resilient through the GUI.

  2. Click the user menu.

  3. From the drop-down menu select Administrator Settings.

  4. In the Administrator Settings view, click the Threat Sources tab.
    EclecticIQ Platform should be listed in the Threat Sources view, and its status should be ON.
    If the app status is OFF, click it to enable it.