07-11-2024 11:39 AM
Hello,
I want to forward the alerts generated from Cisco Secure Endpoint to my custom SIEM.
Which type of API would best fit in this case?
Thanks,
Dino
07-11-2024 12:19 PM
07-18-2024 01:41 PM
Tried to set up the Event Stream API, but no logs are coming in. Is there any documentation, FAQ or relevant videos for these kinds of issues?
And a question: the IOC API is not the actual alerts on the EDR console (successfully deployed this one, but only IOC information is displayed and not the actual alert). Which one would be used specifically and only for the alerts generated in the Secure Endpoint console?
Thanks,
Dino
07-18-2024 02:44 PM
07-16-2024 01:28 AM
You can use the Microsoft Graph API.
07-18-2024 01:38 PM
Not using Azure.
07-21-2024 10:30 PM
If you have an Azure Premium P1 licence, that's enough.