Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Instructions to configure Sophos Central, to export logs to a SIEM
Overview:
This document will help you with the steps to ingest the configure Sophos Central, to export logs to a SIEM with Seceon SIEM to have better visibility of threats happening in your environment
How to send alert and event data to your SIEM
You require a token to access event data via the API.
In Sophos Central Admin, go to Global Settings > API Token Management.To create a new token, click Add token from the top-right corner of the screen.
Select a token name and click Save. The API Token Summary for this token is displayed.
Click Copy to copy your API Access URL + Headers from the API Token Summary section into your clipboard.
Configuration On the GUI
Go to Provisioning >> Add-on Devices >> Add-on Configuration to configure the Sophos Central.
Seceon Inc. All rights reserved. https://www.seceon.com