Skip to content
Find out how we support MDR.

Page permalink

Always use the following permalink when referencing this page. It will remain unchanged in future help versions.

https://docs.sophos.com/central/customer/help/en-us/index.html?contextId=rubrik

Integrate Rubrik

API Backup and Recovery

You must have the Backup and recovery integrations license pack to use this feature.

You can integrate the cloud gateway version of Rubrik Security Cloud with Sophos Central so that it sends audit data to Sophos for analysis.

This integration is API-based.

The key steps are as follows:

  • Get details of your Rubrik Security Cloud service.
  • In Rubrik Security Cloud, create an API application and a service user. We use these to call the Rubrik Security Cloud API.
  • Configure an integration in Sophos Central.

What you need from Rubrik Security Cloud

To integrate Rubrik Security Cloud, you need the following details:

  • Access Token URI. This includes the Base URL you'll need later.
  • Client ID.
  • Client Secret.

The following sections tell you how to get this information.

Find your Base URL, Client ID and Client Secret Key

You must add a service account in Rubrik Security Cloud to generate client credentials and enable client-side applications to authenticate to Rubrik Security Cloud.

  1. Log in to Rubrik Security Cloud.
  2. Click the Square grid icon Square grid icon. and select Settings.
  3. In Settings, click Users and Access and select Service Accounts.

  4. In Service Accounts, click Add Service Account.

    The Service Account Details assistant starts.

  5. In Name, enter the name of the service account.

  6. Optional: In Description, enter the description of the service account.

  7. Click Next.

    The Roles asssistant starts.

  8. Select the roles to be assigned to the service account.

  9. Click Add.

    Rubrik Security Cloud creates the service account, then displays the name of the service account, Client ID, Client Secret, and the Access Token URI to be used by the client application that owns the service account.

  10. Copy the client credentials and the Access Token URI. You'll need to use them later in Sophos Central.

Next, you configure an integration in Sophos Central.

Configure an integration

To integrate Rubrik with Sophos Central, do as follows:

  1. In Sophos Central, go to Threat Analysis Center > Integrations > Marketplace.

  2. Click Rubrik.

    The Rubrik page opens. You can configure integrations here and see a list of any you've already configured.

  3. In Data Ingest (Security Alerts), click Add Configuration.

    Note

    If this is the first integration you've added, we'll ask for details about your internal domains and IPs. See Provide your domain and IP details.

    Next, you configure an API to collect data from Rubrik.

  4. In Integration steps, do as follows:

    1. Enter an Integration name and Integration description.

    2. Enter the Base URL in the form https://<account>.my.rubrik.com (using your actual account name).

      You can see the Base URL within the Access Token URI you got earlier.

    3. Enter the Client ID and Client Secret you copied from Rubrik.

    4. Click Save.

We create the integration and it appears in your list. If its status icon shows a green tick, your data should appear in the Sophos Data Lake after validation.

More information