Overview
This user guide describes the Seqrite Endpoint Security tool integration with Seceon aiSIEM through the API
Steps of Configuration
To add the Seqrite Endpoint API method support follow the steps that are mentioned below:
Login Seceon UI: >provisioning >Add-on device >click on add button
To add the Sophos Central support Follow the steps that are mentioned below.
Device: Select the name of the device 'seqrite Endpoint Security'.
Name: We can take anything here according to our interest.
CCE Host: Enter the CCE IP.
Enter the Access ID/user name :Required Username
Password/Secret Key: Required password from seqrite team
Now enter the valid JSON Format in the last field. Below is the JSON that you have to put.
{"host": "x.x.x.x", "database_name": "db_name", "port_num": 423, "time_duration": 15, "procedure_call":{"dlp": "pro_dlp", "virus": "pro_virus", "web": "pro_web"}}
Click on the Save button.
Verification
STEP1: Login to UI >> SYSTEM>> LOGS AND FLOWS COLLECTION STATUS .
STEP 2: >> LOGS AND FLOWS COLLECTION STATUS .
STEP 3: >>Inside SOURCE DEVICE IP, IP will reflect.