cancel
Showing results for 
Search instead for 
Did you mean: 

API Data Sources

Jump to solution

Has anyone created data sources using API before, like the builtin ones for VMWare? Have customers requiring logs from Cloud based services that can only be retrieved via API. Or do I have to relay on third party tools to retrieve and convert into a format SIEM can support

1 Solution

Accepted Solutions
McAfee Employee rlourenc
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: API Data Sources

Jump to solution

Hi Jacques

i would imagine that if you can pull the data using an API and place it into a file, you can then create a custom parser to pull the data out of the file over CIFS or other collection methods.  but these would not be supported out the box by the SIEM as the parsers are created normally for a specific collection method.

5 Replies
McAfee Employee rlourenc
McAfee Employee
Report Inappropriate Content
Message 2 of 6

Re: API Data Sources

Jump to solution

Hi Jacques

i would imagine that if you can pull the data using an API and place it into a file, you can then create a custom parser to pull the data out of the file over CIFS or other collection methods.  but these would not be supported out the box by the SIEM as the parsers are created normally for a specific collection method.

Reliable Contributor akerr
Reliable Contributor
Report Inappropriate Content
Message 3 of 6

Re: API Data Sources

Jump to solution

It does support some cloud services, like Amazon and Microsoft, depending on what verison of the SIEM you're running.  So it can pull directly from APIs.

Re: API Data Sources

Jump to solution

Thanks to both, the response was as I expected unfortunately. 

Highlighted
MA1453
Level 8
Report Inappropriate Content
Message 5 of 6

Re: API Data Sources

Jump to solution
Hi, I need help to get API from Azure to SIEM ESM 10.3. Can you help me?
McAfee Employee rlourenc
McAfee Employee
Report Inappropriate Content
Message 6 of 6

Re: API Data Sources

Jump to solution

Hi 

 

What exactly do you need to know.  the setup for Azure is at https://docs.mcafee.com/bundle/enterprise-security-manager-data-sources-configuration-reference-guid...

More McAfee Tools to Help You
  • Subscription Service Notification (SNS)
  • How-to: Endpoint Removal Tool
  • Support: Endpoint Security
  • eSupport: Policy Orchestrator
  • Community Help Hub

      New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

    • Find Forum FAQs
    • Learn How to Earn Badges
    • Ask for Help
    Go to Community Help

    Join the Community

      Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

    • Get helpful solutions from McAfee experts.
    • Stay connected to product conversations that matter to you.
    • Participate in product groups led by McAfee employees.
    Join the Community
    Join the Community