# CrowdStrike Next-Gen SIEM integration (QUX)

Integrating **Vectra Detect** data with **CrowdStrike NextGen-SIEM** brings Vectra detections into CrowdStrike for broader security visibility. This guide outlines the steps required to configure and direct Vectra’s log output to CrowdStrike’s NG-SIEM platform. Vectra’s syslog output is directed through a log collector (such as Humio), which transmits the data to CrowdStrike’s NextGen-SIEM using the HEC (HTTP Event Collector) data connector. A custom parser within NG-SIEM then processes this data so that it is accurately parsed and stored in CrowdStrike’s NextGen-SIEM environment. This setup allows security teams to monitor Vectra alerts and events within the broader CrowdStrike ecosystem, supporting improved threat correlation and streamlined incident response.

### Attachments

{% file src="/files/v94jmbWeu4On38ukBWpD" %}

{% file src="/files/nIgvcGMqKz9nPv45cV5f" %}


