This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Announcements
Webinar May 29th: Log Ingestion: Bindplane + Google SecOps
Log in to ask a question

Ingestion API Use Case

Posted on 12-27-2024 07:49 AM
AJMSecOps
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

What are the most appropriate use cases for using the Ingestion API for log ingestion? I have a few SaaS applications (e.g. Trellix Email Security) that I am looking to onboard via the Ingestion API, with working test code. 

0 1 161
Topic Labels
0 Likes
1 REPLY 1

Posted on --/--/---- --:-- AM
rajukg
Staff
Reply posted on --/--/---- --:-- AM

The ingest API is mainly used to ingest logs into Chronicle when we may not have a native integration to the products.  Please take a look at these cloud functions as samples to create your own cloud function using the Chronicle  ingest API.  I am assuming Trellix Email Security has an API you can call to pull the logs.

https://github.com/chronicle/ingestion-scripts

 

0 Likes
Top Solution Authors
View all