Versions Compared

Old Version 2

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

compared with

New Version 3

changes.mady.by.user Sarah Bigault

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
minLevel2
maxLevel2
typeflat

Configuration requirements

To run this collector, there are some configurations detailed below that you need to consider.

Configuration

Details

Cylance APP

You need to run a Cylance app.

Application ID

Once you create the App, it gives you an Application ID.

Application Secret

Once you create the App, it gives you an Application Secret.

Tenant ID

You can find it in your Cylance console.

Info

Refer to the Vendor setup section to know more about these configurations.

Overview

The 1Password collector pulls data from the 1Password Events API and forwards to Devo.

Devo collector features

Feature

Details

Allow parallel downloading (multipod)

not allowed

Running environments

collector server

Populated Devo events

standard

Data sources

Source

Data source

Description

API

Path

endpoint

Collector

Service Name

service name

Devo table

Available from release

Item Usage

Returns information about items in shared vaults that have been modified, accessed, or used. Events include the name and IP address of the user who accessed the item, when it was accessed, and the vault where the item is stored.

/api/v1/itemusages

item_usage

v1.0

auth.agilebits.onepassword.itemusage

v0.1.0

Sign-in Attempts

Returns information about sign-in attempts. Events include the name and IP address of the user who attempted to sign in to the account, when the attempt was made, and -- for failed attempts -- the cause of the failure.

/api/v1/signinattempts

sign_in_attempts

auth.agilebits.onepassword.signinattempt

v0.1.0

Audit

Returns information about actions performed by team members within a 1Password account. Events include when an action was performed and by whom, along with details about the type and object of the action and any other information about the activity. More info here on audit events.

/api/v1

.0.0

/auditevents

audit

auth.agilebits.onepassword.audit

v0.1.2

For more information on how the events are parsed, visit our page.

Flattening preprocessing

Data source

Collector service

Optional

Flattening details

Source

Service

  • yes

  • no

Flattening steps

Vendor setup

Generate a

...

Bearer Token

To issue a bearer token:

  1. Sign in to your account on Password Manager for Families, Businesses, Teams | 1Password http://1Password.com and click Integrations in the sidebar.

  2. Choose the Events Reporting integration where you want to issue a token and click “Add a token”.

  3. Enter a name for the bearer token and choose when it will expire. Select or deselect the event types the token has access to, then click Issue Token.

  4. Click Save in 1Password and choose which vault to save your token to. Then click View Integration Details.

Info

Additional Information: Get started with 1Password Events Reporting | issue or revoke bearer tokens

Identify Your 1Password

...

Server

The URL of the server that hosts your 1Password account is required in order to make requests to the 1Password Events API.

If your account is on:

Your Events API URL is:

Password Manager for Families, Businesses, Teams | 1Password

1Password.com

https://events.1password.com (1Password Business) https://events.ent.1password.com (1Password Enterprise)

Pricing & free trial | 1Password

http://1Password.ca

https://events.1password.ca

European pricing & free trial | 1Password

http://1Password.eu

https://events.1password.eu

Info

Additional Information: Get started with 1Password Events Reporting | Servers

...

Info

This minimum configuration refers exclusively to those specific parameters of this integration. There are more required parameters related to the generic behavior of the collector. Check setting sections for details.

Setting

Details

base_url

The URL of the server that hosts your 1Password account

token

Access token created in the 1Password console.

Info

See the Accepted authentication methods section to verify what settings are required based on the desired authentication method.

Run the collector

Run the collector

Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector).

We use a piece of software called Collector Server to host and manage all our available collectors. If you want us to host this collector for you, get in touch with us and we will guide you through the configuration.

Change log for v1.0.0

Release

Released on

Release type

Details

Recommendations

v1.0.1

Status
colourGreen
titleV1

Release Version

Recommended version

v1.0.0

Status
colourGreen
titleV1

Release Version

Recommended version

Change log for v0.x.x

Release

Released on

Release type

Details

Recommendations

v0.1.2

10/03/23

Status
colourGreen
titlePRE-RELEASE

Pre-release version of collector

Not ready for general release

v0.1.1

02/10/23

Status
colourGreen
titlePRE-RELEASE

Pre-release version of collector

Not ready for general release

v0.1.0

02/09/23

Status
colourGreen
titlePRE-RELEASE

Pre-release version of collector

Not ready for general release