CloudSEK XVigil collector
Overview
CloudSEK XVigil is a unified Digital Risk Protection platform that identifies threats posed on the surface web, deep web, and dark web, including brand intelligence and attack surface monitoring.
Devo collector features
Feature | Details |
---|---|
Allow parallel downloading ( |
|
Running environments |
|
Populated Devo events |
|
Flattening preprocessing |
|
Allowed source events obfuscation |
|
Data sources
Data source | Description | API endpoint | Collector service name | Devo table | Available from release |
---|---|---|---|---|---|
Alerts | Alerts related to incidents |
|
|
|
|
For more information on how the events are parsed, visit our page.
Vendor setup
Steps
Action | Steps |
---|---|
Obtain API token | Log in to your CloudSEK admin portal to retrieve your API token, or contact CloudSEK support to obtain it. |
Assigning necessary permissions
Only the credentials above are required.
Minimum configuration required for basic pulling
Although this collector supports advanced configuration, the fields required to retrieve data with basic configuration are defined below.
This minimum configuration refers exclusively to the parameters specific to this integration. There are more required parameters related to the generic behavior of the collector. Check the settings sections for details.
Setting | Details |
---|---|
| Base URL of your CloudSEK instance. |
| The |
Accepted authentication methods
Setting | Details |
---|---|
| Required |
Run the collector
Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector on your own machine using a Docker image (On-premise collector).
Collector services detail
This section is intended to explain how to proceed with specific actions for services.
Events service
Collector operations
This section is intended to explain how to proceed with specific operations of this collector.
Change log
Release | Released on | Release type | Details | Recommendations |
---|---|---|---|---|
| Jan 6, 2025 | status:Changed | * Upgraded the DCSDK to v1.13.1
* Ensure special characters are properly sent to the platform
* Changed the log level of some messages from info to debug
* Corrected some wrong log messages
* Upgraded some internal dependencies
* Changed queue passed to setup instance constructor
* Ability to validate collector setup and exit without pulling any data
* Ability to store in the persistence the messages that couldn't be sent after the collector stopped
* Ability to send messages from the persistence when the collector starts and before the puller begins working
* Updated DevoSDK to v5.1.9
* Fixed a bug related to development on macOS
* Added an extra validation and fix when the DCSDK receives a wrong timestamp format
* Added an optional config property to use the Syslog timestamp format in a strict way
* Updated DevoSDK to v5.1.10
* Fix for SyslogSender related to UTF-8
* Enhanced troubleshooting: trace standardization, and some traces have been introduced
* Introduced a mechanism to detect "Out of Memory killer" situation
* Changed internal queue management to protect against OOMK
* Extracted ModuleThread structure from PullerAbstract
* Improved controlled stop when both processes fail to instantiate
* Improved controlled stop when InputProcess is killed
* Fixed an error related to a ValueError exception that was not well controlled
* Fixed an error related to the loss of some values in internal messages
* Upgraded the docker base image to 1.3.1.
* Added support of new API version. |
|
| Jun 2, 2023 | status:NEW COLLECTOR | New collector |
|