Back to Integrations
integrationCrowdStrike node
HTTP Request
integrationKafka node

CrowdStrike and Kafka integration

Save yourself the work of writing custom integrations for CrowdStrike and Kafka and use n8n instead. Build adaptable and scalable Cybersecurity, and Development workflows that work with your technology stack. All within a building experience you will love.

How to connect CrowdStrike and Kafka

  • Step 1: Create a new workflow
  • Step 2: Add and configure nodes
  • Step 3: Connect
  • Step 4: Customize and extend your integration
  • Step 5: Test and activate your workflow

Step 1: Create a new workflow and add the first step

In n8n, click the "Add workflow" button in the Workflows tab to create a new workflow. Add the starting point – a trigger on when your workflow should run: an app event, a schedule, a webhook call, another workflow, an AI chat, or a manual trigger. Sometimes, the HTTP Request node might already serve as your starting point.

CrowdStrike and Kafka integration: Create a new workflow and add the first step

Step 2: Add and configure Kafka and CrowdStrike (using the HTTP Request node)

You can find Kafka and CrowdStrike nodes in the nodes panel and drag them onto your workflow canvas. Kafka node comes with pre-built credentials and supported actions. CrowdStrike can be set up with the HTTP Request node using a pre-configured credential type. The HTTP Request node makes custom API calls to CrowdStrike. Configure Kafka and CrowdStrike nodes one by one: input data on the left, parameters in the middle, and output data on the right.

Kafka and CrowdStrike integration: Add and configure Kafka and CrowdStrike nodes

Step 3: Connect Kafka and CrowdStrike

A connection establishes a link between Kafka and CrowdStrike (or vice versa) to route data through the workflow. Data flows from the output of one node to the input of another. You can have single or multiple connections for each node.

Kafka and CrowdStrike integration: Connect Kafka and CrowdStrike

Step 4: Customize and extend your Kafka and CrowdStrike integration

Use n8n's core nodes such as If, Split Out, Merge, and others to transform and manipulate data. Write custom JavaScript or Python in the Code node and run it as a step in your workflow. Connect Kafka and CrowdStrike with any of n8n’s 1000+ integrations, and incorporate advanced AI logic into your workflows.

Kafka and CrowdStrike integration: Customize and extend your Kafka and CrowdStrike integration

Step 5: Test and activate your Kafka and CrowdStrike workflow

Save and run the workflow to see if everything works as expected. Based on your configuration, data should flow from Kafka to CrowdStrike or vice versa. Easily debug your workflow: you can check past executions to isolate and fix the mistake. Once you've tested everything, make sure to save your workflow and activate it.

Kafka and CrowdStrike integration: Test and activate your Kafka and CrowdStrike workflow

Build your own CrowdStrike and Kafka integration

Create custom CrowdStrike and Kafka workflows by choosing triggers and actions. Nodes come with global operations and settings, as well as app-specific parameters that can be configured. You can also use the HTTP Request node to query data from any app or service with a REST API.

Supported API Endpoints for CrowdStrike

GetDeviceDetails
Retrieve device details for a specific host.
GET
/devices/entities/devices/v1
QueryDevicesByFilter
Query devices by filter.
GET
/devices/queries/devices/v1
PerformDeviceAction
Perform a device action such as 'Contain' or 'Lift Containment'.
POST
/devices/entities/devices-actions/v2
GetDeviceSnapshots
Get snapshots of device status.
GET
/devices/entities/snapshots/v1
GetDeviceDetailsById
Retrieve device details for a specific host by device ID.
GET
/devices/entities/devices/v1?ids={device_id}

To set up CrowdStrike integration, add the HTTP Request node to your workflow canvas and authenticate it using a predefined credential type. This allows you to perform custom operations, without additional authentication setup. The HTTP Request node makes custom API calls to CrowdStrike to query the data you need using the URLs you provide.

See the example here

Take a look at the CrowdStrike official documentation to get a full list of all API endpoints

GetAlerts
Retrieve a list of alerts.
GET
/alerts/queries/alerts/v1
GetAlertDetails
Retrieve details of a specific alert.
GET
/alerts/entities/alerts/v1
AcknowledgeAlert
Acknowledge a specific alert.
POST
/alerts/entities/alerts-actions/v1
UpdateAlert
Update details of a specific alert.
PATCH
/alerts/entities/alerts/v1
DeleteAlert
Delete a specific alert.
DELETE
/alerts/entities/alerts/v1

To set up CrowdStrike integration, add the HTTP Request node to your workflow canvas and authenticate it using a predefined credential type. This allows you to perform custom operations, without additional authentication setup. The HTTP Request node makes custom API calls to CrowdStrike to query the data you need using the URLs you provide.

See the example here

Take a look at the CrowdStrike official documentation to get a full list of all API endpoints

QueryDetections
Retrieve detections based on provided query parameters.
GET
/detects/queries/detects/v1
GetDetectionDetails
Retrieve details for a specific detection.
GET
/detects/entities/detects/v1
UpdateDetection
Update details of a specific detection.
PATCH
/detects/entities/detects/v1
AcknowledgeDetection
Acknowledge a specific detection.
POST
/detects/entities/detects-actions/v1
DeleteDetection
Delete a specific detection.
DELETE
/detects/entities/detects/v1

To set up CrowdStrike integration, add the HTTP Request node to your workflow canvas and authenticate it using a predefined credential type. This allows you to perform custom operations, without additional authentication setup. The HTTP Request node makes custom API calls to CrowdStrike to query the data you need using the URLs you provide.

See the example here

Take a look at the CrowdStrike official documentation to get a full list of all API endpoints

GetUsers
Retrieve a list of users.
GET
/users/queries/users/v1
GetUserDetails
Retrieve details of a specific user.
GET
/users/entities/users/v1
CreateUser
Create a new user.
POST
/users/entities/users/v1
UpdateUser
Update details of a specific user.
PATCH
/users/entities/users/v1
DeleteUser
Delete a specific user.
DELETE
/users/entities/users/v1

To set up CrowdStrike integration, add the HTTP Request node to your workflow canvas and authenticate it using a predefined credential type. This allows you to perform custom operations, without additional authentication setup. The HTTP Request node makes custom API calls to CrowdStrike to query the data you need using the URLs you provide.

See the example here

Take a look at the CrowdStrike official documentation to get a full list of all API endpoints

FAQs

  • Can CrowdStrike connect with Kafka?

  • Can I use CrowdStrike’s API with n8n?

  • Can I use Kafka’s API with n8n?

  • Is n8n secure for integrating CrowdStrike and Kafka?

  • How to get started with CrowdStrike and Kafka integration in n8n.io?

Looking to integrate CrowdStrike and Kafka in your company?

Over 3000 companies switch to n8n every single week

Why use n8n to integrate CrowdStrike with Kafka

Build complex workflows, really fast

Build complex workflows, really fast

Handle branching, merging and iteration easily.
Pause your workflow to wait for external events.

Code when you need it, UI when you don't

Simple debugging

Your data is displayed alongside your settings, making edge cases easy to track down.

Use templates to get started fast

Use 1000+ workflow templates available from our core team and our community.

Reuse your work

Copy and paste, easily import and export workflows.

Implement complex processes faster with n8n

red iconyellow iconred iconyellow icon