This user guide describes the Forcepoint Email Cloud tool integration with Seceon aiSIEM through the API
The Account should have Log Export permission (Under Account Permissions, check the Log Export box)
Use the Account > SIEM Storage page of the cloud portal to configure the storage
options
Note: Use Forcepoint storage
To add the Seqrite Endpoint API method support follow the steps that are mentioned below:
Login Seceon UI: >provisioning >Add-on device >click on add button
To add the Forcepoint Email Cloud support, Follow the steps mentioned below.
Enter a unique name for the device.
Enter the CCE IP.
Enter Forcepoint email cloud user name in Access ID/user name and password in password/Secret Key
Now enter the valid JSON Format in the last field, no need to put JSON ( only Add- {} )
Click on the Save button.
Step 1: Log in to UI with Administrative Rights & Navigate to System>> Log/Flow Collection Status Option.
Steps 2: Inside Source Device IP, the IP Address of the Device will reflect including the no. of logs sent to the Seceon Servers.