cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
jacquesj1
Level 7

API Data Sources

Jump to solution

Has anyone created data sources using API before, like the builtin ones for VMWare? Have customers requiring logs from Cloud based services that can only be retrieved via API. Or do I have to relay on third party tools to retrieve and convert into a format SIEM can support

0 Kudos
1 Solution

Accepted Solutions
rlourenc
Level 9

Re: API Data Sources

Jump to solution

Hi Jacques

i would imagine that if you can pull the data using an API and place it into a file, you can then create a custom parser to pull the data out of the file over CIFS or other collection methods.  but these would not be supported out the box by the SIEM as the parsers are created normally for a specific collection method.

0 Kudos
3 Replies
rlourenc
Level 9

Re: API Data Sources

Jump to solution

Hi Jacques

i would imagine that if you can pull the data using an API and place it into a file, you can then create a custom parser to pull the data out of the file over CIFS or other collection methods.  but these would not be supported out the box by the SIEM as the parsers are created normally for a specific collection method.

0 Kudos
akerr
Level 9

Re: API Data Sources

Jump to solution

It does support some cloud services, like Amazon and Microsoft, depending on what verison of the SIEM you're running.  So it can pull directly from APIs.

0 Kudos
jacquesj1
Level 7

Re: API Data Sources

Jump to solution

Thanks to both, the response was as I expected unfortunately. 

0 Kudos