This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Cloudflare integration with RSA SA

VishamRawat
Beginner
Beginner

‎2019-01-28 03:37 AM

Cloudflare makes available Logpull a RESTful API to request logs over HTTP from its platform.

 

Question is, is there a module or method within RSA SA to make queries to an external API such as Logpull, requesting for logs, and then subsequently ingest them within the Decoder?

 

Logs are generated in JSON format, for which a custom parser can be managed, however how do I get the logs consumed by RSA SA, to begin with?

3 REPLIES 3

JoshRandall
Valued Contributor Valued Contributor
Valued Contributor

‎2019-01-28 12:32 PM

The Plugin Collection capability sounds like what you're looking for: https://community.rsa.com/docs/DOC-84695

 

That document walks through the process for developing your own plugin to pull from *any* API.


Mr. Mongo

MichaelJacob4
Beginner
Beginner

‎2020-06-24 04:09 PM

Vote to add the functionality:

 

 

RustyEstes
New Contributor
New Contributor
In response to MichaelJacob4

‎2020-08-06 03:31 PM

Interesting how Splunk has a plug-in for Cloudflare for their customer base.

© 2022 RSA Security LLC or its affiliates. All rights reserved.