Set up the private remote repository feature.
Before you begin, verify that you have network connectivity from Cortex XSIAM to the private remote repository. All communication goes through Cortex XSIAM, so it must have access to the remote repository. If direct access from Cortex XSIAM is not enabled you can use engines with access to the repository.
The following are typical scenarios for setting up a private remote repository for the production and one or more development tenants.
Note
Once enabled, the development push tenant has a red banner on the top left showing DEV.
New development tenant and new or existing production tenant
In this scenario, the production tenant is first activated as a standalone (by default), and the built-in remote repository is then enabled in the production tenant (as a pull tenant). Once enabled, the first development tenant becomes the push tenant and any additional tenants become pull tenants.
Perform the following procedures in the order listed below.
Existing development and production tenants
In this scenario, the production and development tenants were managed in parallel with different sets of content. Since they were already activated in Cortex Gateway, their remote repository settings can only be changed within the tenants.
Note
The first tenant that is enabled pushes its content to the remote repository first. For example, these instructions describe enabling the production tenant first, so the remote repository will initially contain production tenant content. You can enable a development tenant first if you want the remote repository to initially contain the content from the development tenant.
Perform the following procedures in the order listed below.