Configure iManage Threat Manager for Arctic Wolf monitoring

You can configure iManage Threat Manager® to send the necessary logs to Arctic Wolf® for security monitoring.

These resources are required:

  • An iManage Threat Manager account with the Integrations Manager role.

Generate a token

  1. Sign in to the iManage Threat Manager portal.
  2. In the navigation pane, click Configuration > Settings.
  3. Click the System tab.
  4. Click + New Token.
  5. In the New Token dialog, enter a name for the token.
  6. Select Export Alert List.
  7. Enter an expiry time for the token and record this value.

    You will provide this value to Arctic Wolf later.

  8. Click Generate Token.
  9. Click Copy Token and Copy Secret, and then save these values in a safe, encrypted location. You will provide them to Arctic Wolf later.
    Note:

    The token and secret values are only available to view immediately after token generation. If these values are lost before you provide them to Arctic Wolf, you must generate a new token.

Provide iManage Threat Manager credentials to Arctic Wolf

  1. Sign in to the Arctic Wolf Unified Portal.
  2. In the navigation menu, click Data Collection > Cloud Sensors.
  3. Click Add Account +.
  4. On the Add Account page, click iManage ThreatManager.
  5. Configure these settings:

    • Account Name — Enter a unique and descriptive name for the account.

    • API Host Name — Enter the iManage Threat Manager host associated with your account. For example, https://example.tm-cloudimanage.com.
    • Port Number — If you have configured a custom port for iManage Threat Manager, enter it here. If not, enter 443.
    • Token — Enter the token from Generate a token.
    • Secret — Enter the secret from Generate a token.

    • Credential Expiry — (Optional) Enter the credential expiration date, if applicable.

      Note:

      If applicable, convert the value that you submitted to iManage Threat Manager from minutes into yyyy-mm-dd format.

  6. Click Test and submit credentials.