Set up a Cortex XSOAR engine on a remote machine.
Engines are installed on a remote machine and used mainly for the following:
Integration instances for on-prem applications. For example, the GitLab v2 integration enables you to run commands on GitLab instances.
Execute scripts and commands that require access to on-prem resources. For example, the Active Directory v2 integration enables you to run commands in Active Directory.
Generic Indicator export service. In Cortex XSOAR, you can configure an EDL to share a list of Cortex XSOAR indicators with other products in your network, such as a firewall or SIEM. For example, your Palo Alto Networks firewall can add IP address and domain data from the EDL to block or allow lists.
Load balancing which enables the distribution of the command execution load.
Before installation, we recommend you review the engine requirements for hardware and operating systems. Engines can be installed on Linux machines running a variety of operating systems, including Ubuntu, RHEL, Oracle Linux, and Amazon Linux.
To learn more about engines, requirements, and installation, see Engines.