Use https://seceonhelp.freshdesk.com/support/login to access updated Knowledge Base Articles, Submit Technical Support Tickets and Review Status of submitted support tickets.
Device Configuration: Forcepoint Email Cloud
Overview
This user guide describes the Forcepoint Email Cloud tool integration with Seceon aiSIEM through the API
Prerequisites
Following Changes required on Forcepoint Email Cloud
The Account should have Log Export permission (Under Account Permissions, check the Log Export box)
Use the Account > SIEM Storage page of the cloud portal to configure the storage
optionsNote: Use Forcepoint storage
Steps of Configuration
To add the Seqrite Endpoint API method support follow the steps that are mentioned below:
Login Seceon UI: >provisioning >Add-on device >click on add button
Steps
To add the Forcepoint Email Cloud support, Follow the steps mentioned below.
Enter a unique name for the device.
Enter the CCE IP.
Enter Forcepoint email cloud user name in Access ID/user name and password in password/Secret Key
Now enter the valid JSON Format in the last field, no need to put JSON ( only Add- {} )
Click on the Save button.
Verification On the Seceon UI
Step 1: Log in to UI with Administrative Rights & Navigate to System>> Log/Flow Collection Status Option.
Steps 2: Inside Source Device IP, the IP Address of the Device will reflect including the no. of logs sent to the Seceon Servers.
Seceon Inc. All rights reserved. https://www.seceon.com