Overview
This user guide describes the Oracle Cloud Device integration with Seceon SIEM, which gives you better visibility of threats in your environment.
Configuration Steps for Flow logs
1. Sign in to your OCI console.
2. Click on your profile icon and go to your user ID.
3. In the Resources section, go to API Keys and select Add API Key.
4. Click Download Private Key and keep the downloaded private key in a safe place, as it can be downloaded only once, then click Add.
5. Save all the configuration file field information (except the key file field).
   Note: if you missed something, click the three dots next to your generated API key and select View Configuration File to get the details again.
6. In Logging, go to the Logs section, search for Virtual Cloud Network and enable the logs service for it.
7. Go to the Seceon UI and, under the Provisioning screen, go to Cloud Configuration.
8. In the Flows section, click Add and enter the information requested: the configuration file details generated (step 5), your private key that you generated (step 4, uploaded here) and the OCIDs of the logs group and of the log service enabled for VCN Flow (step 6). Then click Save.
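Before entering the values in the Flows form, they can be sanity-checked locally. The script below is an added example, not part of the Seceon or Oracle tooling: it checks the saved configuration file fields, the two log OCIDs and the private key file's permissions. The function names and all sample identifiers are constructed for illustration.

```python
import configparser
import os
import re
import stat
import tempfile

# Constructed sample of the saved configuration file fields (not real identifiers).
SAMPLE_CONFIG = """[DEFAULT]
user=ocid1.user.oc1..aaaaexampleuser
fingerprint=12:34:56:78:9a:bc:de:f0:12:34:56:78:9a:bc:de:f0
tenancy=ocid1.tenancy.oc1..aaaaexampletenancy
region=us-ashburn-1
"""
FINGERPRINT = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){15}")

def ocid_ok(value, resource_type):
    # OCID layout: ocid1.<type>.<realm>.[region].<unique id>
    pattern = rf"ocid1\.{resource_type}\.[a-z0-9]+\.[a-z0-9-]*\.[a-z0-9]+"
    return re.fullmatch(pattern, value or "") is not None

def preflight(config_text, key_path, log_group_ocid, log_ocid):
    """Return a list of problems; an empty list means the values look sane."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(config_text)
    cfg = parser.defaults()
    problems = []
    checks = [("user", cfg.get("user"), "user"), ("tenancy", cfg.get("tenancy"), "tenancy"),
              ("log group", log_group_ocid, "loggroup"), ("log", log_ocid, "log")]
    for label, value, rtype in checks:  # also catches the two log OCIDs being swapped
        if not ocid_ok(value, rtype):
            problems.append(f"{label}: missing or not an ocid1.{rtype} OCID")
    if not FINGERPRINT.fullmatch(cfg.get("fingerprint", "")):
        problems.append("fingerprint: expected 16 colon-separated hex bytes")
    if not cfg.get("region"):
        problems.append("region: missing")
    try:
        mode = os.stat(key_path).st_mode
        with open(key_path) as fh:
            first_line = fh.readline()
    except OSError:
        return problems + ["private key: file not found or unreadable"]
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        problems.append("private key: accessible by group/others, restrict to 0600")
    if "PRIVATE KEY" not in first_line:
        problems.append("private key: file does not start with a PEM private key header")
    return problems

if __name__ == "__main__":
    with tempfile.NamedTemporaryFile("w", suffix=".pem", delete=False) as fh:
        fh.write("-----BEGIN PRIVATE KEY-----\n(constructed placeholder)\n")
    os.chmod(fh.name, 0o644)  # simulate a key left readable by other users
    print(preflight(SAMPLE_CONFIG, fh.name, "ocid1.loggroup.oc1.iad.aaaaexamplegroup", "ocid1.log.oc1.iad.aaaaexamplelog"))
    os.unlink(fh.name)
```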
VERIFICATION OF CONFIGURATION
Verification can be done from the UI.
Using UI
STEP 1: Log in to the UI >> SYSTEM
STEP 2: >> LOGS AND FLOWS COLLECTION STATUS.
STEP 3: >> Inside SOURCE DEVICE IP, the IP will be reflected.