C2C Source
\Introduction\
The {{source name}} collects {{data/event types}} from {{source of origin}}. {{What the app does}}.
Example: The Microsoft Graph Security API Source provides a secure endpoint to consume alerts from the Microsoft Graph Security API endpoint. It securely stores the required authentication, scheduling, and state tracking information. One threat event is reported for each affected device.
\Depending on the availability in the Fed, add the below note.\
This source is not yet available in the Fed deployment.
Data collected
\Add all the data sources and respective polling interval information.\
Polling Interval | Data |
---|---|
{{Polling time in minutes}} | {{Data sources}} |
Example:
Polling Interval | Data |
---|---|
5 min | Team Events |
Setup
Vendor configuration
Prerequisites
\NOTE: This section doesn't apply to all sources; use only where needed.\
Example: You'll need a Dropbox App Key, App Secret, and Access Code to provide to Sumo Logic. To generate these credentials, ...
\Insert steps to configure the Source in the Vendor UI.\
Example: Vendor configuration
Source configuration
\Insert steps to configure the Source in the Sumo Logic UI.\
Example: Source configuration
Metadata fields
\Insert metadata fields in the Sumo Logic UI. Update the below table accordingly.\
Field | Value | Description |
---|---|---|
{{field}} | {{value}} | {{Description}} |
JSON schema
Sources can be configured using UTF-8 encoded JSON files with the Collector Management API. See how to use JSON to configure Sources for more details.
Parameter | Type | Value | Required | Description |
---|---|---|---|---|
schemaRef | JSON Object | {"type":"/*c2c-name*/"} | Yes | Define the specific schema type. |
sourceType | String | "Universal" | Yes | Type of source. |
config | JSON Object | Configuration parameters | Yes | Source type specific values. |
Config Object
\Add information about the configuration parameters. Update the below table accordingly.\
Parameter | Type | Required | Default | Description | Example |
---|---|---|---|---|---|
name | String | Yes | null | Type a desired name of the source. The name must be unique per Collector. This value is assigned to the metadata field _source. | "mySource" |
description | String | No | null | Type a description of the source. | "Testing source" |
category | String | No | null | Type a category of the source. This value is assigned to the metadata field _sourceCategory. See best practices for details. | "mySource/test" |
fields | JSON Object | No | null | JSON map of key-value fields (metadata) to apply to the Collector or Source. Use the boolean field _siemForward to enable forwarding to SIEM. | {"_siemForward": false, "fieldA": "valueA"} |
{{Parameter}} | {{Type}} | {{Yes/No}} | null | {{Description}} | {{Example}} |
JSON example
\Create and add the JSON config in the dropbox and import it here.\
component-name
Terraform example
\Create and add the Terraform config in the dropbox and import it here.\
component-name
Troubleshooting
\This section doesn't apply to all sources; use only where needed\
FAQ
Click here for more information about Cloud-to-Cloud sources.