
Device Configuration: Seqrite Endpoint Security

Overview

This user guide describes how to integrate the Seqrite Endpoint Security tool with Seceon aiSIEM through the API.

Steps of Configuration

To add support for the Seqrite Endpoint API method, follow the steps below:

Log in to the Seceon UI, go to Provisioning > Add-on device, and click the Add button.

 

To add the Seqrite Endpoint Security support, follow the steps below.

  • Device: Select the name of the device 'Seqrite Endpoint Security'.

  • Name: Enter any name of your choice.

  • CCE Host: Enter the CCE IP.

  • Access ID/User name: Enter the required username.

  • Password/Secret Key: Enter the required password, provided by the Seqrite team.

  • In the last field, enter valid JSON. Use the JSON below.

 {"host": "x.x.x.x", "database_name": "db_name", "port_num": 423, "time_duration": 15, "procedure_call":{"dlp": "pro_dlp", "virus": "pro_virus", "web": "pro_web"}}

  • host: the IP address of the Seqrite server

  • database_name: the name of the database where your Seqrite logs are stored

  • port_num: the port that is used on Seqrite to store the logs

  • Click on the Save button.
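A pre-check for the JSON before it is pasted into the last field, as an added example that is not part of Seceon's guide or tooling. The function name, the rule that every key in the sample is required, and the rule that database and procedure names are plain identifiers are assumptions of this example.

```python
import ipaddress
import json
import re

# Keys and types come from the guide's sample JSON; requiring all is an assumption.
REQUIRED = {"host": str, "database_name": str, "port_num": int,
            "time_duration": int, "procedure_call": dict}
PROCEDURE_KEYS = ("dlp", "virus", "web")
# Assumption: database and procedure names are plain SQL-style identifiers.
IDENTIFIER = re.compile(r"[A-Za-z_][A-Za-z0-9_]*")

def validate_seqrite_config(text):
    """Return a list of problems found in the JSON text (empty list = OK)."""
    try:
        cfg = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg} at position {exc.pos}"]
    if not isinstance(cfg, dict):
        return ["top level must be a JSON object"]
    problems = []
    for key, kind in REQUIRED.items():
        value = cfg.get(key)
        # bool is a subclass of int in Python, so reject it explicitly
        if not isinstance(value, kind) or isinstance(value, bool):
            problems.append(f"{key}: missing or not of type {kind.__name__}")
    if problems:
        return problems
    try:
        ipaddress.ip_address(cfg["host"])
    except ValueError:
        problems.append("host: not an IP address (placeholder left in?)")
    if not 1 <= cfg["port_num"] <= 65535:
        problems.append("port_num: outside 1-65535")
    if cfg["time_duration"] <= 0:
        problems.append("time_duration: must be a positive integer")
    if not IDENTIFIER.fullmatch(cfg["database_name"]):
        problems.append("database_name: not a plain identifier")
    for key in PROCEDURE_KEYS:
        name = cfg["procedure_call"].get(key)
        if not isinstance(name, str) or not IDENTIFIER.fullmatch(name):
            problems.append(f"procedure_call.{key}: missing or not a plain identifier")
    return problems

# Constructed sample: the guide's JSON with a documentation-range IP filled in.
SAMPLE = ('{"host": "192.0.2.10", "database_name": "db_name", "port_num": 423, '
          '"time_duration": 15, "procedure_call": {"dlp": "pro_dlp", '
          '"virus": "pro_virus", "web": "pro_web"}}')

if __name__ == "__main__":
    print(validate_seqrite_config(SAMPLE) or "config OK")
```

Pasting the guide's JSON unchanged fails the host check, which catches a placeholder that was never replaced.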

Verification

On UI

Step 1: Log in to the UI with administrative rights and navigate to System >> Log/Flow Collection Status.

Step 2: Under Source Device IP, the IP address of the device is shown, along with the number of logs sent to the Seceon servers.

On CCE

  • Log in as the seceon user.

  • Run the command: otmdoc -m

  • Go inside the add-on container by running the command: cd cce-addon-devices

  • Run the command: crontab -l

  • Run the Seqrite Python script and check whether it reports any errors.
