A Tenzir integration is a specific way to integrate with a third-party tool or technology.
All integrations rely on pipelines in some form. For some applications, there exist dedicated operators, e.g., the Splunk integration using the to_splunk output operator. Integrating with other applications means merely using an existing generic operator, such as the http operator to fetch data from APIs.
Often, integrations with tools end up as a parameterizable package in our freely available library on GitHub. In particular, packages can also provide enrichment contexts and accompanying pipelines that periodically load external data into the context. Several packages that provide threat intelligence feeds in our library follow this pattern.