McAfee SIEM does not have a way to easily add support for a custom API data source. I would look into something like Logstash, which supports many types of collection methods including HTTP/S, and then log data could be forwarded via syslog to McAfee SIEM. Once you are collecting the logs, you will need to create custom regex to parse the data. This process will not be easy, but can be done with a little work.
The best way to solve this, though, is to get the integration built into McAfee SIEM, as per this webpage:
There are already a bunch of partners. I would think a feature request would probably be the best place to start.
How to Write an ESM Custom Parser and Troubleshoot a Data Source (Product Documentation ID: PD24926, Last Modified: 1/24/2014)
If you have the mappings or could obtain them, the above article can show you how to write the parser into the SIEM.
JDell, cbayless, thank you both for the replies. I will look into the options provided. The document linked here is very helpful!
Check out skyformation.com. We have been deploying their cloud services connectors middleware for our customers for the last few months, with good results. Their solution monitors the entire audit events across cloud services they support (check their website because I am not sure which are currently supported) and sends them into the customer ESM over syslog in CEF. They do a lot of the data classification effort as well before sending the data to ESM.
We used to develop our own Office 365 connectors for our customers using PowerShell and the Office 365 management API, but too frequent API changes from the cloud service providers made it not worthwhile to keep this route.
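The route discussed in this thread (pull audit events from an API, then forward them to the ESM over syslog in CEF) is sketched below as an added example; it is not code from any poster or vendor. The sample record, its field names, and the vendor/product strings are constructed assumptions. The escaping functions matter because an unescaped `|` or `=` in a user-controlled field shifts field boundaries in the receiving parser.

```python
import json
import socket
from datetime import datetime, timezone

# Constructed sample audit record; field names are assumptions for
# illustration, not taken from any vendor's API schema.
SAMPLE = json.loads(r'''{
  "time": "2014-01-24T10:15:00Z", "operation": "FileDownloaded",
  "user": "alice@example.com", "client_ip": "203.0.113.7",
  "result": "Succeeded", "detail": "path=C:\\docs\\q1|final.xlsx"
}''')

def esc_header(value):
    """CEF header fields: escape backslash, then pipe."""
    return str(value).replace("\\", "\\\\").replace("|", "\\|")

def esc_ext(value):
    """CEF extension values: escape backslash and '=', encode line breaks."""
    s = str(value).replace("\\", "\\\\").replace("=", "\\=")
    return s.replace("\r\n", "\\n").replace("\n", "\\n").replace("\r", "\\n")

def to_cef(event, vendor="ExampleVendor", product="CloudAudit", version="1.0"):
    """Map one audit record to a CEF:0 line using standard CEF keys."""
    when = datetime.strptime(event["time"], "%Y-%m-%dT%H:%M:%SZ")
    millis = int(when.replace(tzinfo=timezone.utc).timestamp() * 1000)
    header = [vendor, product, version, event["operation"], event["operation"], 3]
    ext = {
        "rt": millis,                 # receipt time, epoch milliseconds
        "suser": event["user"],
        "src": event["client_ip"],
        "act": event["operation"],
        "outcome": event["result"],
        "msg": event["detail"],
    }
    head = "|".join(esc_header(h) for h in header)
    tail = " ".join(f"{k}={esc_ext(v)}" for k, v in ext.items())
    return f"CEF:0|{head}|{tail}"

def send_syslog(line, host, port=514, pri=134):
    """Send one UDP syslog datagram; pri 134 = facility local0, severity info."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.sendto(f"<{pri}>{line}".encode("utf-8"), (host, port))

if __name__ == "__main__":
    print(to_cef(SAMPLE))  # call send_syslog(...) with your receiver's address
```

Because the output is CEF with standard keys, the receiving side can use its CEF parsing rather than a hand-written regex per source.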