Skip to main content

Create SIEM Connector

Select

SaaS
Customer Managed

This API creates a new SIEM Connector. For more details click here

Request Body
  • opType integer required

    Default value: 1

    1 for create 2 for update

  • connectorName string required

    SIEM Connector Name

  • connectorEntityType integer required

    Possible values: [1, 2]

    1 for Syslog 2 for webhook

  • connectorEntityId integer required

    Id of the entity (webhook id or syslogserver id)

  • enabled boolean required

    Flag to enable or disable

  • connectorPolicy object[] required

    List of connector policy

  • enabled boolean required

    Flag to enable or disable the policy

  • dataType string required

    Possible values: [ALERTS, AUDIT, EVENTS]

  • template string

    You must provide the template that is suitable for the particular third-party webhook application that you configured. Get the template from API . Only needed for webhook SIEM connector

Responses

OK

Schema
  • errorMessage string
  • errorCode integer
POST /logstreamingconnector

Authorization

type: apiKeyname: Authtokenin: header

Request

Click Edit to configure Base URL
https://CommandCenterHostName/commandcenter/api
Security Scheme
token
Body
{

  "opType": 1,

  "connectorName": "string",

  "connectorEntityType": 1,

  "connectorEntityId": 0,

  "enabled": true,

  "connectorPolicy": [

    {

      "enabled": true,

      "dataType": "ALERTS",

      "template": "string"

    }

  ]

}

curl -L -X POST 'https://CommandCenterHostName/commandcenter/api/LogStreamingConnector' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authtoken: <API_KEY_VALUE>' \
--data-raw '{
  "opType": 1,
  "connectorName": "string",
  "connectorEntityType": 1,
  "connectorEntityId": 0,
  "enabled": true,
  "connectorPolicy": [
    {
      "enabled": true,
      "dataType": "ALERTS",
      "template": "string"
    }
  ]
}'