cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted

API Data Sources

Jump to solution

Has anyone created data sources using API before, like the builtin ones for VMWare? Have customers requiring logs from Cloud based services that can only be retrieved via API. Or do I have to relay on third party tools to retrieve and convert into a format SIEM can support

1 Solution

Accepted Solutions
McAfee Employee rlourenc
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: API Data Sources

Jump to solution

Hi Jacques

i would imagine that if you can pull the data using an API and place it into a file, you can then create a custom parser to pull the data out of the file over CIFS or other collection methods.  but these would not be supported out the box by the SIEM as the parsers are created normally for a specific collection method.

3 Replies
McAfee Employee rlourenc
McAfee Employee
Report Inappropriate Content
Message 2 of 4

Re: API Data Sources

Jump to solution

Hi Jacques

i would imagine that if you can pull the data using an API and place it into a file, you can then create a custom parser to pull the data out of the file over CIFS or other collection methods.  but these would not be supported out the box by the SIEM as the parsers are created normally for a specific collection method.

Reliable Contributor akerr
Reliable Contributor
Report Inappropriate Content
Message 3 of 4

Re: API Data Sources

Jump to solution

It does support some cloud services, like Amazon and Microsoft, depending on what verison of the SIEM you're running.  So it can pull directly from APIs.

Re: API Data Sources

Jump to solution

Thanks to both, the response was as I expected unfortunately. 

MPower Badge Now Available
Customers attending MPower can earn a community badge. Check into the MPower forum and say hi to have the badge awarded to your community profile.