Customize and Integrate

Build streaming data solutions that were previously impractical or impossible.

Rapid programmability, easy extensibility, open integration, and community: These are the characteristics of a true platform for innovation. With the ExtraHop platform, you can quickly meet new requirements, customize the solution, enrich your wire data with other data sets, and stream your wire data to other platforms.

Application Inspection Triggers

Most vendors collect only a few hundred metrics and require expensive customization to add new ones. The ExtraHop platform offers 4,000+ metrics out of the box, plus the ability to define new metrics using Application Inspection Triggers technology. This acts as a programmable interface for the real-time stream processor. Your organization has unique requirements, and the ExtraHop platform offers the generous customization options to help you meet them.

Application Inspection Triggers technology enables your organization and the community to quickly respond to new requirements. For example, within 24 hours of the Shellshock vulnerability announcement in 2014, the ExtraHop community developed a trigger to track exploit attempts over HTTP.

The ExtraHop platform features a programmable interface so you can define and implement new metrics in minutes, such as when extracting HL7 message fields.

Universal Payload Analysis

With universal payload analysis (UPA) capabilities, you can analyze nearly any custom application. That means no more waiting for a vendor to add support for a technology that's critical to your business.

Community-Driven Innovation

Application Inspection Triggers can be packaged together with alerts, record queries, and dashboards into shareable bundles, which you can download from the ExtraHop Solution Bundles Gallery. These bundles extend the platform for specific needs, such as:

You can also contribute to the community by creating and sharing your own bundles.

Open Data Stream

When you correlate your wire data with other data sets for multidimensional analysis, your wire data becomes even more valuable. That's why we offer Open Data Stream, which allows you to stream wire data analysis from the ExtraHop platform to other solutions. We offer this capability for free, because we believe that you own your data and should be able to use it how you like.

ExtraHop's Open Data Stream integrations can send valuable wire data to multiple end-points concurrently, including: AppDynamics, ElasticSearch, Kafka, FireEye, Log Insight, MongoDB, Splunk, Sumo Logic, and other platforms.

Open Data Stream represents the type of open integration necessary for IT organizations to build open IT Operations Analytics (ITOA) architectures. Read more about Open Data Stream capabilities.

Wire Data GraphicOpen Data Stream enables you to stream precise events and metrics in real time to other platforms.

Rich APIs

The ExtraHop Platform offers a rich set of APIs so that you can integrate it with your other management solutions. You can enrich your wire data by adding third-party data through the Open Data Context API, such as user names from Active Directory servers and black-list or white-list criteria. The Open Data Context API is bi-directional: external sources can also pull information from ExtraHop.

Through the ExtraHop API, you have access to the same API used by the ExtraHop web UI. That means you can pull built-in and custom metrics from ExtraHop into your other tools.

Looking for smart automation and orchestration? The ExtraHop REST API lets you get creative with how you use the ExtraHop platform. It makes your automation smarter by enabling you to kick off processes based on any activity on the wire. With the REST API, you can automatically:

  • Launch orchestrated processes based on observed events on the wire
  • Complete management tasks, such as updating SSL keys
  • Send regular reports to individuals and teams
  • Pull ExtraHop data into the web UIs of other management tools

To help you with these integrations, the REST API Explorer enables you to view, customize, and test example API operations such as methods, schemas, parameters, and response messages. You can also copy and paste sample code for cURL, Python 2.7, and Ruby from the API Explorer into your development environment.

Read how you can automate ransomware responses (network-access control) using the REST API.

The REST API Explorer enables you to view, customize, and test example API operationsThe Try It Out feature in the REST API Explorer displays requirements for API calls and offers code in multiple languages for whichever API method you are interested in.
Go Back: Visualize & Explore Start your ExtraHop demo