Integration Guides
On this page, you’ll find comprehensive, step-by-step instructions for configuring essential integrations in SOC Jedi.AI. Learn how to connect Splunk to automate alert ingestion, enrich investigations with Google Workspace context, and streamline issue tracking with Jira. Follow these guides to seamlessly integrate your security and productivity tools and maximize the efficiency of your SOC operations.
Integrating Splunk with SOC Jedi.AI
This integration allows Splunk alerts to be automatically imported into SOC Jedi.AI, so you can monitor incidents and launch investigations directly from your security stack.
Steps:
Log in to your Splunk instance
Open your browser and go to:
https://your-splunk.tld/en-US/manager/launcher/authorization/tokens
Create an API token
  • Click on “Create New Token”
  • Give it a recognizable name (e.g., “SOC Jedi.AI Integration”)
  • Set the desired permissions (read access to alerts is required)
  • Click Save, then copy the token — you’ll need this for SOC Jedi.AI
Open SOC Jedi.AI
  • Go to the left menu
  • Navigate to Integrations → Communications → Splunk
Paste the API token
In the API Key field, paste the token you copied from Splunk
Enter your Splunk Host address
Example: https://your-splunk.tld
Click “Save” to store your integration settings
Enable auto-import
Make sure the option for automatic alert import is enabled — this ensures Splunk alerts are continuously pulled into SOC Jedi.AI
Verify data ingestion
  • Go to the Incidents section in SOC Jedi.AI
  • Check that new incidents or alerts from Splunk are appearing in the system
Start working with Splunk data
  • Create a new incident based on Splunk alerts
  • Or start an automated investigation using SOC Jedi’s tools
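Before pasting the token into SOC Jedi.AI, it is worth confirming that it carries only the read access the integration needs. The following is an added example, not part of SOC Jedi.AI or Splunk: it queries Splunk's `current-context` REST endpoint with the token and flags state-changing capabilities. Assumptions: the management port is Splunk's default 8089, the account and role names (`svc_socjedi`, `alert_reader`) are hypothetical, the list of risky capability prefixes is this example's own choice, and the sample responses are constructed.

```python
import json
import urllib.request

# Capability name patterns that allow changing Splunk state. Treating these as
# unnecessary for an alert-reading integration is this example's assumption.
RISKY_PREFIXES = ("admin_", "edit_", "delete_", "change_")

def fetch_context(mgmt_url, token):
    """GET current-context with the token as a Bearer credential.
    mgmt_url is the management endpoint, e.g. https://your-splunk.tld:8089
    (8089 is Splunk's default management port; adjust for your deployment)."""
    req = urllib.request.Request(
        mgmt_url.rstrip("/") + "/services/authentication/current-context?output_mode=json",
        headers={"Authorization": "Bearer " + token},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")

def audit_context(response_text):
    """Return (username, roles, risky_capabilities) for the token's identity."""
    entries = json.loads(response_text).get("entry", [])
    if not entries:
        raise ValueError("no entry in response: token rejected or wrong endpoint")
    content = entries[0].get("content", {})
    risky = sorted(c for c in content.get("capabilities", [])
                   if c.startswith(RISKY_PREFIXES))
    return content.get("username"), content.get("roles", []), risky

# Constructed sample responses (not captured from a real Splunk instance).
SAMPLE_SCOPED = json.dumps({"entry": [{"content": {
    "username": "svc_socjedi", "roles": ["alert_reader"],
    "capabilities": ["search", "list_settings", "rest_properties_get"]}}]})
SAMPLE_ADMIN = json.dumps({"entry": [{"content": {
    "username": "admin", "roles": ["admin"],
    "capabilities": ["search", "admin_all_objects", "edit_user",
                     "edit_tokens_all", "delete_by_keyword"]}}]})

if __name__ == "__main__":
    for name, sample in (("scoped", SAMPLE_SCOPED), ("admin", SAMPLE_ADMIN)):
        user, roles, risky = audit_context(sample)
        verdict = "OK" if not risky else "over-privileged: " + ", ".join(risky)
        print(f"{name}: user={user} roles={roles} -> {verdict}")
```

To check a real token, pass the output of `fetch_context(...)` to `audit_context(...)`; a non-empty risky list means the token should be reissued for a narrower, dedicated account.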
Integrating Google Workspace with SOC Jedi.AI
Connect your organization’s Google Workspace to SOC Jedi.AI to enrich investigations with email, calendar, and file-based context.
Steps:
Open SOC Jedi.AI and go to Integrations
  • In the left sidebar, click Integrations
  • Select Communications → Google Workspace
Initiate account linking
  • Click the “Connect Google Account” button
  • A new Google sign-in window will appear
Sign in and grant permissions
  • Log in with the Google account (or admin account) that you want to connect
  • Approve the requested permissions — this usually includes read access to Gmail, Calendar, and Drive (if you want that data available during investigations)
Return to SOC Jedi.AI
  • After successful authorization, you’ll be redirected back to SOC Jedi.AI
  • The integration status should now display as Connected
Configure the integration
Choose which Google services to sync:
  • Gmail for threat hunting in email
  • Calendar for correlating activity
  • Drive for contextual data
Click “Save” to finalize settings
Validate the integration
Run a test investigation and confirm that Google data sources (emails, files, events) are available as part of incident context
Integrating Jira with SOC Jedi.AI
The Jira integration allows your team to create and track Jira issues directly from SOC Jedi.AI, streamlining collaboration between your SOC and engineering or IT teams.
Steps:
Open SOC Jedi.AI and go to Integrations
In the main menu, go to Integrations → Task Management → Jira
Start the connection process
Click the “Connect Jira Account” button.
Provide your Jira base URL
This is typically in the form: https://yourcompany.atlassian.net
Generate a Jira API token
Enter your credentials in SOC Jedi.AI
  • Paste the API token in the API Key field
  • Enter the email address associated with your Jira account
Save the integration
Configure your preferences
Set a default Jira project, issue type (like Bug, Task, Incident), and any custom fields you want mapped.
Verify the integration
  • Try creating a Jira issue directly from an incident in SOC Jedi.AI
  • The issue should appear in your linked Jira project, and ticket status will be trackable from SOC Jedi.AI