Vectra 365 collector
Overview
The Vectra REST API lets administrators and developers integrate Vectra’s breach detection data into their applications. It provides access to security event data, platform configuration, and health information via URI paths.
Devo collector features
Feature | Details |
---|---|
Allow parallel downloading ( |
|
Running environments |
|
Data sources
Data source | Description | Devo table |
---|---|---|
Detections | Detection objects contain all the information related to security events detected in the environment |
|
For more information on how the events are parsed, visit our page.
Flattening preprocessing
Data source | Collector service | Optional | Flattening details |
---|---|---|---|
Source | Service |
| Flattening steps |
Vendor setup
API Clients
Access to the Vectra Platform API is obtained by creating an API Client. Creating an API Client provides a set of OAuth 2.0 credentials that are used to gain authorization to the Vectra Platform API. Note that management of API Clients is restricted to Detect users with the Super Admin role. To create an API client, log in to your Detect portal and navigate to Manage → API Clients.
Creating a new API Client
From the API Clients page, select Add API Client to create a new client.
Creating a new API Client has one required parameter:
Role – the role maps the API Client to a set of permissions, similar to the way a Detect UI user would be assigned a role. The role must be the following: Read-Only
Creating a new API Client has two optional parameters:
Name – a user-friendly name to identify the client (up to 256 characters)
Description – a brief description to aid in identifying the client (up to 2048 characters)
Once you have entered the API Client information, select Generate Credentials to get your client credentials.
Be sure to record your Client ID and Secret Key for safekeeping. You will need these two credentials to authenticate as an API Client in the Vectra Platform API.
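How the recorded Client ID and Secret Key are typically used, as an added example that is not code from Devo or Vectra: it assumes the standard OAuth 2.0 client-credentials grant (RFC 6749 section 4.4), a placeholder token URL, and hypothetical environment variable names `VECTRA_CLIENT_ID` and `VECTRA_SECRET_KEY`. It keeps the secret out of source code, refuses a non-HTTPS token URL, and renews the access token shortly before it expires.

```python
import base64
import json
import os
import time
import urllib.request
from urllib.parse import quote_plus

# Placeholder (assumption): replace with the token URL of your own Vectra tenant.
TOKEN_URL = "https://vectra.example.invalid/oauth2/token"

def load_credentials(env=os.environ):
    """Read Client ID / Secret Key from the environment, not from source code."""
    try:
        # Hypothetical variable names chosen for this example.
        return env["VECTRA_CLIENT_ID"], env["VECTRA_SECRET_KEY"]
    except KeyError as missing:
        raise RuntimeError(f"missing credential variable {missing}") from None

def build_token_request(client_id, secret_key, url=TOKEN_URL):
    """Build the RFC 6749 section 4.4 request: Basic auth plus grant_type body."""
    if not url.startswith("https://"):
        raise ValueError("token URL must use https so the secret is not sent in clear")
    # RFC 6749 section 2.3.1: form-encode both values before Basic encoding.
    pair = f"{quote_plus(client_id)}:{quote_plus(secret_key)}"
    basic = base64.b64encode(pair.encode()).decode()
    return urllib.request.Request(
        url, data=b"grant_type=client_credentials", method="POST",
        headers={"Authorization": f"Basic {basic}",
                 "Content-Type": "application/x-www-form-urlencoded"})

def send_over_network(request):
    """Real transport; pass a fake instead to exercise the cache offline."""
    with urllib.request.urlopen(request, timeout=10) as resp:
        return json.load(resp)

class TokenCache:
    """Keep the access token in memory only and renew it before expiry."""
    def __init__(self, client_id, secret_key, send=send_over_network,
                 clock=time.monotonic):
        self._creds, self._send, self._clock = (client_id, secret_key), send, clock
        self._token, self._expires_at = None, 0.0

    def get(self):
        if self._token is None or self._clock() >= self._expires_at:
            reply = self._send(build_token_request(*self._creds))
            self._token = reply["access_token"]
            # Renew 30 seconds early so a request never carries a stale token.
            self._expires_at = self._clock() + reply.get("expires_in", 0) - 30
        return self._token
```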
Run the collector
Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector on your own machine using a Docker image (On-premise collector).
Change log
Release | Released on | Release type | Details | Recommendations |
---|---|---|---|---|
| Apr 24, 2024 | NEW FEATURE | New features:
|
|