...
Data source | Collector service | Optional | Flattening details |
|---|---|---|---|
Source | Service |
|
Vendor setup
There are some steps you need to follow in order to set up this collector:
Log in with your credentials to the Carbon Black console.
Note your ORg Key on the top-left of the console.
Go to Settings → API Access.
Select the Access Level tab.
Click on Add Access Level on the top-right.
Give it a unique name and a description.
Scroll down in the table below and look for the Event forwarding category. Mark the columns as the image below and click Save.
Select the API Keys tab.
Click on Add API Key.
Give it a unique name and the appropriate access levels. Select Custom so you can choose the Access Level you created before. Note - Choose a name to clearly distinguish the API from your other API Keys. You can also add Authorized IP addresses and a description to differentiate among other APIs.
Click Save and your credentials will display.
You can view your credentials by opening the Actions drop-down and selecting API Credentials.
Create your forwarder using the following API. A successful creation will add a healthcheck.json file to your event folder in your S3 bucket.
Update your config.yalm with the appropriate values, including the AWS region and SQS qeue_name.
...