Complete the following steps after importing the SSP and before you use the widget.

The AI Ingestion application has Hero AI visibility turned on by default. For Hero AI to answer questions accurately about the application, the description must explain what the application contains and how it's used. To add a description:

Open the AI Ingestion application and select 

 field. Use the following as a starting point:The AI Ingestion (AI) application provides a guided workflow for building vendor-specific alert ingestion components for the AI SOC pipeline. It stores records of ingestion configurations organized by vendor source.

The AI Ingestion Workspace has no roles assigned by default. To grant access:

 to add the role(s) that should have access to this workspace, and set the appropriate permissions (Read, Update, and so on) for each role. Anyone with those roles assigned to them will have access to the AI Ingestion application.

Enable Hero AI Visibility for the Vendor Product Field (Optional)

The Vendor Product field has Hero AI visibility turned off by default. To let Hero AI query and filter by vendor:

Open the AI Ingestion application in Application Builder and select the 

The name of the vendor or source system that submitted this record. Example values: CrowdStrike, Splunk, Palo Alto.

The AI Ingestion application includes an 

 tab that displays the same fields described above (such as 

). Use the Audit tab to review ingestion configuration and activity; no additional report configuration is required.

Keep the following in mind when you use the AI Ingestion SSP:

 Reconfigure any HTTP assets or credentials after import.

The workflow has no stages configured on import.

 It is enabled but empty. Configure stages and actions before use.

The application acronym is AI and the Tracking Id prefix is AI-.

 If you deploy multiple instances of this application, update the acronym and prefix to avoid ID conflicts.

Hero AI is required for AI-assisted widget features.

 If Hero AI isn't enabled, you can still use the widget's manual path to select endpoints and configure components.

Records, record history, and secure key store values aren't included in the SSP and aren't transferred on import.

 — Install AI SOC and configure ingestion playbooks

Configure the Application After Import

Create Connector Actions as Components

Run the Ingestion Process

Integrate with the AI SOC Pipeline

AI SOC Ingestion

test12

sdfdssdfsdfsdfsdfdsfsdf

edfsad

dsfsdfsdf

test

specific

var_miha

new_var_2

new_mih_var

mih_var

testheight

available

testulet

testvar

This is a plain text that will be inserted in an expandable heading for using this raw as an exampl

altscenario

This is a plain text that will be inserted in an expandable heading for using this raw as an example

scenario

exemplu

variabila

Archbee

text

refresh_token

YourBank

MyBank

variable_test_video

variable123

silviu

Bogdan_test

ferwhethgte

target1

google

support

product_name

productName1

companyLegalName

programName

customerName1

productName

Product_Name

Test

SEFAS

uptempo

customerName

testName

name1

customername

apilink1-getallmethod

variable_one

capitalize

company_name_adobe

jama_2

jama_1

domain

email

product

Glossary lets you define every tricky term, then gives them a sneak peek explanation on hover... Just like I'm doing with this text right here!

Glossary_feature

Google

aaaa

insitutionAdress

dasdas666

aa112

asdasdas

asdasd

What

New_reusable

test_var2

test_var

Our knowledgeable support team and an awesome community will get you an answer in a flash.

Swimlane Solutions and Applications

Installing and Configuring AI SOC Solution

Getting Started

AI SOC Applications

Operations and Guidance

Dashboards and Reports

Example Scenarios

Integration Examples

Operational Best Practices

Troubleshooting

AI SOC Solution

Installing SOC Solutions Bundle

SOC - Alert Ingestion (Webhook) - Template Playbook Overview

SOC - Alert Ingestion (Cron) - Template Playbook Overview

SOC - Bulk Ingest Phishing Emails - Template Playbook Overview

Configure Threat Intelligence Enrichment Integration

Configure Custom Case and Incident Management Data Mappings

Swimlane AI Agents Case Management Extension

SOC Solutions Bundle

Installing and Configuring

Business Continuity Management Workflows

Using Business Continuity Management

Dashboards in BCM

References

Business Continuity Management (BCM) Solution

How it Works?

Creating or Updating the SCF Records

SCF Data Import Application Overview

SCF Findings Application Overview

SCF Library Application Overview

SCF Evidence Application Overview

SCF Remediation Plans Application Overview

SCF Reporting Application Overview

Compliance Audit Readiness (CAR) Solution

Installing and Configuring Collaboration Extension

Configure Webhooks

Configure Collaboration Extension Template

Select a Template and Send a Message

Collaboration Extension

Installing and Configuring Crafted AI Prompts

Crafted AI Prompts

Installing Detection Engineering Extension

Configuring Detection Engineering Extension

Detection Engineering Extension - How it Works

Detection Engineering Extension

Vulnerability Response Management Workflows

Using Vulnerability Response Management

Using VRM for MSSPs

Vulnerability Response Management (VRM)

Solutions and Applications