Holm Security is a cybersecurity platform which is a agent based- service that runs on the devices operating system for active vulnerability threat scanning and asset tracking . We here providing you the steps to ingest the device with Seceon SIEM to have a better visibility of threats happening in your environment .
Enter the name of the device (you can give any random name for ex. Holm Security).
Enter the CCE IP.
Now skip the Access ID/username section and give any input in the password/Secret Key section.
Now in valid JSON Format in the last field, put JSON with valid credentials as (these credentials need to be made available by the respective device administrator) :
{
"token":"test",
"protocol":"https",
"domain":"http://my-api.holmsecurity.com ",
"port":"443",
"version":"v2"
}
If the doployment is "On-Prem" version will be “v2” and if it is "Cloud Based" version will be “v1”. |
5. Click on the Save button.
Navigate to log/flows collection under the System tab, we can check Holm Security there.