From fe79b5595f4b8655e8b8c6f133288344d9627ba7 Mon Sep 17 00:00:00 2001
From: Amee Lepcha
Date: Thu, 12 Dec 2024 19:01:06 +0530
Subject: [PATCH 01/22] Dragos C2C (Source)
---
 cid-redirects.json | 1 +
 .../product-list/product-list-a-l.md | 1 +
 .../dragos-source.md | 135 ++++++++++++++++++
 .../index.md | 6 +
 sidebars.ts | 2 +-
 static/files/c2c/dragos/example.json | 21 +++
 static/files/c2c/dragos/example.tf | 22 +++
 static/img/send-data/dragos-logo.png | Bin 0 -> 14232 bytes
 8 files changed, 187 insertions(+), 1 deletion(-)
 create mode 100644 docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md
 create mode 100644 static/files/c2c/dragos/example.json
 create mode 100644 static/files/c2c/dragos/example.tf
 create mode 100644 static/img/send-data/dragos-logo.png
diff --git a/cid-redirects.json b/cid-redirects.json
index 819ad35b15..9cabb97f0e 100644
--- a/cid-redirects.json
+++ b/cid-redirects.json
@@ -1614,6 +1614,7 @@
 "/cid/10122": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/webex-source",
 "/cid/10125": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-cyber-resilience-source",
 "/cid/10126": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/trust-login-source",
+ "/cid/10129": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source",
 "/cid/10135": "/docs/manage/manage-subscription/manage-org-settings",
 "/cid/10136": "/docs/send-data/hosted-collectors/amazon-aws/aws-kinesis-firehose-logs-source",
 "/cid/10234": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/trellix-mvisio-epo-source",
diff --git a/docs/integrations/product-list/product-list-a-l.md b/docs/integrations/product-list/product-list-a-l.md
index 10e625dd91..17453bff70 100644
--- a/docs/integrations/product-list/product-list-a-l.md
+++ b/docs/integrations/product-list/product-list-a-l.md
@@ -197,6 +197,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Doppel](https://www.doppel.com/) | Partner integration: [Doppel Vision](https://github.com/SumoLogic/sumologic-public-partner-apps/tree/master/DoppelVision) | | Thumbnail icon | [Doppler](https://www.doppler.com/) | Partner integration: [Doppler](https://docs.doppler.com/docs/sumologic) | | Thumbnail icon | [Downdetector](https://downdetector.com/) | Automation integration: [Downdetector](/docs/platform-services/automation-service/app-central/integrations/downdetector/) | +| Thumbnail icon | [Dragos](https://www.dragos.com//) | Collector: [Dragos](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source) | | Thumbnail icon | [Dropbox](https://www.dropbox.com/) | App: [Dropbox](/docs/integrations/saas-cloud/dropbox/)
Automation integration: [Dropbox](/docs/platform-services/automation-service/app-central/integrations/dropbox/)
Cloud SIEM integration: [Dropbox](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/a0a4317b-2185-4c72-a8f2-13033636a8d6.md)
Collector: [Dropbox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source/) | | Thumbnail icon | [Druva](https://www.druva.com/) | Apps:
- [Druva](/docs/integrations/saas-cloud/druva/)
- [Druva Cyber Resilience](/docs/integrations/saas-cloud/druva-cyber-resilience/)
Automation integration: [Druva](/docs/platform-services/automation-service/app-central/integrations/druva/)
Cloud SIEM integration: [Druva](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/fafcf2d2-4fb8-4903-92ad-5a5572ceb75a.md)
Collectors:
- [Druva Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-source/)
- [Druva Cyber Resilience Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-cyber-resilience-source/) | | Thumbnail icon | [Duo](https://duo.com/) | App: [Duo Security](/docs/integrations/security-threat-detection/duo-security/)
Automation integration: [Duo](/docs/platform-services/automation-service/app-central/integrations/duo/)
Cloud SIEM integration: [Druva](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/2a10e3c0-7835-4b29-81a4-9a7573b2f345.md)
Collector: [Duo Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source/) | diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md new file mode 100644 index 0000000000..51520e7053 --- /dev/null +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -0,0 +1,135 @@ +--- +id: dragos-source +title: Dragos Source +sidebar_label: Dragos +tags: + - Dragos +description: Collect address, asset, vulnerability, and zone details from the Dragos API and send them to Sumo Logic. +--- +import CodeBlock from '@theme/CodeBlock'; +import ExampleJSON from '/files/c2c/dragos/example.json'; +import MyComponentSource from '!!raw-loader!/files/c2c/dragos/example.json'; +import TerraformExample from '!!raw-loader!/files/c2c/dragos/example.tf'; +import useBaseUrl from '@docusaurus/useBaseUrl'; + +dragos-logo + +Dragos is a cybersecurity platform with an ecosystem tailored for industrial environments, including Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS), and Operational Technology (OT) environments. +Dragos's Operational Technology (OT) offers clear visibility into your Industrial Control System (ICS) assets and communications. It monitors networks, detects threats, and addresses vulnerabilities without causing disruptions or shutdowns, helping you respond confidently to potential threats. + +The Dragos source collects address, asset, vulnerability, and zone details from the Dragos API and sends it to Sumo Logic for streamlined analysis. + +## Data collected + +| Polling Interval | Data | +| :--- | :--- | +| 5 min | Vulnerability | +| 24 hrs | Addresses | +| 24 hrs | Zones | +| 24 hrs | Assets | + +## Setup + +### Vendor configuration + +The Dragos source supports API token-based authentication and requires you to provide the **Endpoint URL**, **API ID**, and **API Secret** to access the data. + +#### Endpoint URL + +You can use the Hostname to create the Endpoint URL. For example, `https:///`. + +#### API ID and API Secret + +Follow the instructions below to generate the API ID and API Secret: + +1. Open the Dragos platform and navigate to the **Admin** > **User**. +1. Click **ADD NEW API KEY** under the **API Keys** section. +1. 
Enter the name of the API Key in the **Name** field and then click **GENERATE KEY**. +1. Copy the **API ID** and **API Secrect**. + +### Source configuration + +When you create a Dragos Source, you add it to a Hosted Collector. Before creating the Source, identify the Hosted Collector you want to use or create a new Hosted Collector. For instructions, see [Configure a Hosted Collector](/docs/send-data/hosted-collectors/configure-hosted-collector). + +To configure a Dragos Source: +1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Collection > Collection**.
[**New UI**](/docs/get-started/sumo-logic-ui). In the Sumo Logic top menu select **Configuration**, and then under **Data Collection** select **Collection**. You can also click the **Go To...** menu at the top of the screen and select **Collection**. +1. On the Collection page, click **Add Source** next to a Hosted Collector. +1. Search for and select **Dragos**. +1. Enter a **Name** for the Source. The description is optional. +1. (Optional) For **Source Category**, enter any string to tag the output collected from the Source. Category metadata is stored in a searchable field called `_sourceCategory`. +1. (Optional) **Fields**. Click the **+Add** button to define the fields you want to associate. Each field needs a name (key) and value. + * ![green check circle.png](/img/reuse/green-check-circle.png) A green circle with a check mark is shown when the field exists in the Fields table schema. + * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema is ignored, known as dropped. +1. Enter the **Endpoint URL** of Dragos platform. For example, `https://test.cxc.dragos.cloud/`. +1. Enter the following details for authorization: + 1. **API ID**. API ID of your account. For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. + 1. **API Secret**. API Secret of your account. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. +1. Check the following boxes to collect the required data: + 1. **Collect Vulnerability** + 1. **Collect Addresses** + 1. **Collect Zones** + 1. **Collect Assets** +1. **Processing Rules**. 
Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). +1. When you are finished configuring the Source, click **Save**. + +## JSON schema + +Sources can be configured using UTF-8 encoded JSON files with the Collector Management API. See [how to use JSON to configure Sources](/docs/send-data/use-json-configure-sources) for details.  + +| Parameter | Type | Value | Required | Description | +|:--|:--|:--|:--|:--| +| schemaRef | JSON Object | `{"type":"Dragos"}` | Yes | Define the specific schema type. | +| sourceType | String | `"Universal"` | Yes | Type of source. | +| config | JSON Object | [Configuration object](#configuration-object) | Yes | Source type specific values. | + +### Configuration Object + +| Parameter | Type | Required | Default | Description | Example | +|:--|:--|:--|:--|:--|:--| +| name | String | Yes | `null` | Type a desired name of the source. The name must be unique per Collector. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_source`. | `"mySource"` | +| description | String | No | `null` | Type a description of the source. | `"Testing source"` | +| category | String | No | `null` | Type a category of the source. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_sourceCategory`. See [best practices](/docs/send-data/best-practices) for details. | `"mySource/test"` | +| fields | JSON Object | No | `null` | JSON map of key-value fields (metadata) to apply to the collector or source. Use the boolean field _siemForward to enable forwarding to SIEM.| `{"_siemForward": false, "fieldA": "valueA"}` | +| requestEndpoint | String | Yes | `null` | The API URL to fetch the data from the Dragos log source. 
| `https://sumologic-dragos.cxc.dragos.cloud/` | +| apiID | String | Yes | `null` | API ID of your account for authorization. | `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx` | +| apiSecret | String | Yes | `null` | API Secret of your account for authorization. | `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx` | +| pollingIntervalVulnerabilityMin | String | Yes | `5 mins` | Time interval (in minutes) after which the source will check for new data for API. +Default: 5 min +Min: 5 min +Max: 60 min | | +| pollingIntervalAddressesHour | String | Yes | `24 hrs` | Time interval (in hours) after which the source will check for new data for API. +Default: 24 hrs +Min: 12 hrs +Max: 24 hrs | | +| pollingIntervalZonesHour | String | Yes | `24 hrs` | Time interval (in hours) after which the source will check for new data for API. +Default: 24 hrs +Min: 12 hrs +Max: 24 hrs | | +| pollingIntervalAssetsHour | String | Yes | `24 hrs` | Time interval (in hours) after which the source will check for new data for API. +Default: 24 hrs +Min: 12 hrs +Max: 24 hrs | | +| collectAddressDetails | Boolean | No | `True` | Specify if you need to collect the address details. | | +| collectZoneDetails | Boolean | No | `True` | Specify if you need to collect the zone details. | | +| collectDeviceDetails | Boolean | No | `True` | Specify if you need to collect the assets details. | | +| collectVulnerabilityDetails | Boolean | No | `True` | Specify if you need to collect the vulnerability details. | | + +### JSON example + +{MyComponentSource} + +Download example + +### Terraform example + +{TerraformExample} + +Download example + +## FAQ + +:::info +Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. +::: + + diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md index 41299f9036..aa0bcbe5af 100644 
--- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md @@ -247,6 +247,12 @@ In this section, we'll introduce the following concepts:

Learn how to collect customer event data from the DocuSign and send it to Sumo Logic.

+
+
+ Thumbnail icon

Dragos

+

Learn how to collect address, asset, vulnerability, and zone details from the Dragos API and send them to Sumo Logic.

+
+
dropbox-icon.png

Dropbox

diff --git a/sidebars.ts b/sidebars.ts
index 7e2d71086e..0d45ed3d0d 100644
--- a/sidebars.ts
+++ b/sidebars.ts
@@ -424,7 +424,7 @@ module.exports = {
 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/cybereason-source',
 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/digital-guardian-source',
 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/docusign-source',
- 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source',
+ 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source',
 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-source',
 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-cyber-resilience-source',
 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source',
diff --git a/static/files/c2c/dragos/example.json b/static/files/c2c/dragos/example.json
new file mode 100644
index 0000000000..adb537c863
--- /dev/null
+++ b/static/files/c2c/dragos/example.json
@@ -0,0 +1,21 @@
+{
+ "API.version": "v1",
+ "source": {
+ "config": {
+ "name": "Dragos",
+ "requestEndpoint": "https://sumologic-dragos.cxc.dragos.cloud/",
+ "apiID": "036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx",
+ "apiSecret": "xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx",
+ "collectVulnerability": true,
+ "collectAddress": true,
+ "collectZone": false,
+ "collectAsset": false,
+ "pollingIntervalVulnerabilityMin": "24h",
+ "pollingIntervalAddressesHour": "5h"
+ },
+ "schemaRef": {
+ "type": "Dragos"
+ },
+ "sourceType": "Universal"
+ }
+ }
\ No newline at end of file
diff --git a/static/files/c2c/dragos/example.tf b/static/files/c2c/dragos/example.tf
new file mode 100644
index 0000000000..d36e69db6f
--- /dev/null
+++ b/static/files/c2c/dragos/example.tf
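Review bot: The changed line in this hunk replaces `'send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source',` with the new `dragos-source` entry instead of adding next to it, so the Dropbox Source page drops out of this sidebar list while the product list and index pages touched by the same patch still link to it. Keep the Dropbox line and insert the Dragos entry before it, so the list reads `…/docusign-source',` then `…/dragos-source',` then `…/dropbox-source',`. The `module.exports` object starts and ends outside the hunk, so whether Dropbox is listed elsewhere in the sidebar cannot be confirmed from here.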
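Review bot: The option names in this example do not match the configuration table added to dragos-source.md in the same patch: the example uses `collectVulnerability`, `collectAddress`, `collectZone` and `collectAsset`, while the table documents `collectVulnerabilityDetails`, `collectAddressDetails`, `collectZoneDetails` and `collectDeviceDetails`. The polling values also fall outside the documented ranges (`"pollingIntervalVulnerabilityMin": "24h"` against 5–60 minutes, `"pollingIntervalAddressesHour": "5h"` against 12–24 hours), and `pollingIntervalZonesHour` and `pollingIntervalAssetsHour`, both marked required, are absent. Which side is authoritative is not visible here, so confirm against the source's schema and align the two; if unrecognised keys are ignored, a copied config would presumably fall back to defaults without any error. The same config object is repeated in example.tf and needs the same correction.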
@@ -0,0 +1,22 @@
+resource "sumologic_cloud_to_cloud_source" "dragos-source" {
+ collector_id = sumologic_collector.collector.id
+ schema_ref = {
+ type = "Dragos"
+ }
+ config = jsonencode({
+ "name": "Dragos",
+ "requestEndpoint": "https://sumologic-dragos.cxc.dragos.cloud/",
+ "apiID": "036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx",
+ "apiSecret": "xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx",
+ "collectVulnerability": true,
+ "collectAddress": true,
+ "collectZone": false,
+ "collectAsset": false,
+ "pollingIntervalVulnerabilityMin": "24h",
+ "pollingIntervalAddressesHour": "5h"
+ })
+}
+resource "sumologic_collector" "collector" {
+ name = "my-collector"
+ description = "Just testing this"
+}
\ No newline at end of file
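Review bot: The `apiSecret` value is a literal inside `jsonencode`, which teaches readers to commit the Dragos API secret to version control with the rest of the configuration. Reference an input variable declared with `sensitive = true` instead, e.g. `"apiSecret": var.dragos_api_secret,` (variable name constructed for illustration), and note in a comment that the value is still written to Terraform state, so the state backend needs encryption and access control. The sample `apiID` and `apiSecret` strings here and in example.json look like a partially masked real credential rather than a synthetic one; if that is the case, replace them with fully made-up placeholders and rotate the original key.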
diff --git a/static/img/send-data/dragos-logo.png b/static/img/send-data/dragos-logo.png new file mode 100644 index 0000000000000000000000000000000000000000..53649370ac0af9ce82a0fb4bf4aca3ba9575889e GIT binary patch literal 14232 zcmb_@gL5WN)Nag;v9WDC+1O4t-q^OCY-~Gk?2T>njcwa@ZhrTE_5B5Rs?MCAKBv2; zYNm0Xr%$+|yaWOq4jc#w2!fQPsPeaN_?8+NsPB8Rjwso;0(DZB5C-`-iFfk-;BKNJ zWhy5JLi1gQ0f7L;0fGF_Tw!Go)QQ__{$oH;8cT{?md!QSTf_23}38yc@pbLHQgQ@l7Exl6U^=xhU2Tq&`+#Phr?mHf9jbF;>!qIu9FGY#oFIMMm z5LUsf4^!FP&2s^`uxD`5fTd>OOXNlI;kk#3+rPnvhUUzaCRdfEc{;@=O^~Lu{c(R~ zzoFx&_ljo38c=SaF6;GVSF>Hv=LuJ&jB^&oy-9GhPhc$ka<;%3FFs3P$4Lq22gGgH z>mGj(K|;0(MJ$$K2*Lz&A{=yjLhlQY#L=18QS8>!W6F#_qCXu7hresxOFp+t-a_Dg z(q``T+v^>D@q=SKH>Ito+IHtMVrpNvz6WCL89xtWYh$WgNb%r{@!BrIDLM*W@L0_l{y7+lzlET zBptGdln#Kxx@>HE!rQAsx%$N$GR*j5Gd#@ZCxs0Fx2$rlzj(H&e;Uy2r{4#B}Vwa3#lVX~Gc{2DeIbd+4 z9u;D1dX;YS)t9JQcDmZ|6r3d(J+ai9aqUgch-j7rHy`%IGsul1*_(V*;3*$3%ep=L zKrco*?3>x4W7Az`rB!pS>qx}hLKr(Vr(NE`Kdr~(ne#O=(+xbpWxECfXY*c)sTA9!9_$|xHx(no_o}lnGT*MK^m}Q1z*y_cRIE_L9 zk*-upm!#Llez1^ic$Wh&YV`-pQg`DQq4b>MI8baiP5zQ`Cby822CXZ_isQ#=#2&?h zJd3p=&=w@nt1^9gS(xr?4uXtAdfX+>o;JyU?Waar4^PVbi=_<}dzxmWCtcetcYodg zG#`HeVPwFyuuWr{?a98#K)31%ztWn$ibED`9zXXgZUw%3E*aF9T_$lyYAzorN2h_P zgZ7Nnj`-}cX(m35F=UP!^&u1bQ-NHb>=Q#>pizFVG=U%1u+dghoY0wRYeZ$(CJ~^?9`;0nMrqhj3+6pl*?)PoeY8Da#edhOg{M2PKqHMF=h;NT(E1O z;Z~_AdG>P=5!UnMaehv)t5j`?=UY4=F0dSBANhBY)reX$q0CFdOTz&hO~hE*5mW4h zTxC}{W*>I>5$|kTomco6qX$pHT^656H?4wm?63>|WsX1xdPOaoUd4<#vf9ZSh+}aH zpCnaI<$&`j56^H-Aaizg=F18|fRl?K%L36EN6o`fc?Y8jw;X%$c$~V1Sy+f@lg!qR zd%>%8pIWj2c(zvy?f`_v_CXf^b$+L;g+x-{7kU;*R59PTK=cd0MKS-*W#wlYs`XAyJIdV9EZFJ~;lGEpm zZLM1+dFTG>Hg4OvhU_@@W*W{QodQMBSecMZ5VIT_$uo6$p{l5o{M)fqE_b39@O)B^ zu?vYg@;kE}XvL1eqHRRuu(TZj zf}I-DD-c;V$b?V_C`d`|bYVNUYb7*myUvT_wB%=$Ey zazS^A*6PHRSS)lyov}=^+y41u?)c4GVhO%8nN(n5myI`&|$H||D2`sSa74nO} zZ+imfl1Lh$w2h${%AX>}=E_0M@H(6WRXzWS;^pEdVinmM} zR(&j<@lMc0-z|~Y>F*nF`Bh^Z7VRWd_WTSn_%XQUdP>f-$S%vn`-0cKjmIWOF+V-0ItX6!tQjVtJPGcH@ya 
zfv_i0Bx(#-q%s7G!=ygWdWkY>@4_JZ!+FT5h_}n`5#kIUA=EkCgq9W!^|7Vn8kyH~ zHDVCh)!^KAU|WXDoF5&4(nQ5QiL|w9)5>_X3-h2`MMi5Zi9^z#HfL#K^KlA~dqERk z{n9^fMh$QcyK@=SWtH9+)b)MXcDRGLz{wZ$2G@M>CtS zBh&T-HT7=ku4$P)P2anaAakB(WZ`0`^_XmWRe`zyX9G*qz%-}`Fu$bZenYAwhz^4v z8QvkVJ`TZpyn#%VYyVd#UqPtEqcDo_9KGu4^tCQ!sx_nd_7;%P89MUwL)59_qJJ-; z_mARcA5# zIaQG#yKZ{{UYMyvI$Q>gsXFpS=3+5AOE8VxEC*WtYemCGSHOAQ5nxZ`DCoNPJac%d zxmSq^8Z(y-b@X=e59f|{G%;^8XgzeAVm1^dnV<^P^md+~ZjxQM;;%LntLgjGxy&>I z*j_+86#fqnT#%?$-sa*D`jVbnRU(`hgj)#xkeMbMhM4QYnX@HLhG4O**?KnR{HoD*EWp6<=XYrig~V=K&Zd9 zG!Jdzz$5UnZ5$c}m!W|+Uep*9>iJW=j^iYbu^L(=$@5^)mTOdev>GNdvSLWp>VwVj6Lf7G)` z4AX;Kk~5W&5i~l{X2d`8vso`;150hQ7dB6#^|}2sH=I#)K+1oIc1TRZ@-c((#uLsV zyNOq}LZHL;+ZXQ*NGolHY};s05mWR|Ty}_=f+;r73Xc9RJQA{6NmnW{^@mA2Ca3O} zktjAfcK{TyaUX7Fbe=|UBi}``#yOuIXVLa&UH8QMpb*k*Vfq{#r)ujy_pI+jV!Xdb zr+3(iJVBOXLZ+hMmf!iS%Qck%liv}aRsu`Fs8O<%lCaC5i5jzCilT51aoYbS`D1v$ zTgOJO4p9|IK9lQI!AvH9RhlSRKfrq13auNZA|GDKZr`AbMGzxZAFySiZt-!)EDte?j=6zfe={8Ox>W^%z)Y(Lv<&Wr16> zeZPR+(564s38`Ts8P~=9D0B>B64Qxa1&&fA=`QXvK|^5+&vB5*UC{n zDT3y?we6Jk#0TRxg;haSRGZC_Ir$XsE{Ds{2H~U3vRdyItFz(F1#T+QrI8u8Mmwz4 zI>CK;K%4&TM|q}xEozYeInWW#0S)uxs(E&Jc1kjuXfYO;jdcwk>#U47>=E{spjut< z=klou2+>&IMVoe^$wP>-vmW0MWP?=KMk>|S*p;j3?MO6=$BHr@bGJugy!>dI%=dX)eF1`%^$vx>h zEfxj#^wz(uf@PV}Ianx{F>bbj*BxyylW@zHu@5ZP@dca2p|nhjL!8)17%q}1j9OOU-Ka@n@_lQjoJ>JKU4EzE7|_RMz)!uXWwwW zO0ZwZR3dNths9A3a^$CY)F`uUnH1)Oa2mj~M|` z4a_*zU1(^>Y?F5JFP@zpbBiZ=7u7c>aV$lL(!=XY&`L4UyK))lcw2dd-XY7{Miuag(j;ACRSwW>47q*2WIpm`ntIIZz*| zOXAw6vSIVJ5^Mw3?)4j&3rKQEllYwv29&Z}B#y;kA1voy^5pUhsVUqWph-bNxJ3C2 zm>4_Y`q>At*NtwBq|}1uNX~K-^d243dysMj>=4;kYD@TmT~&mJzqlJTfX!Aqqm)BV~!+0qU}^l$w-=Wg?W zz=L}RN>6VP#@?*T=Bf^P9OFY9!EQPmU+_gyf?IR{V%|zig-br`kB+OE^+eZ}+TV@% zyhBn|F7F%FNver!n=Pl5n`E4Zv{fF z?6cOn439wQNDyy)r^b^y|5Tgv_kpgo68coADq6Dip08(mK@BZ=nCQER2)NFTjEKq_ zF34n7Y0ZPy->r#^IW{V?xUTE;whE>#1%qY~b4rqjn3U#AribSfQ_2pby1@+;rkP_Jl$fM7*#aiqzcD^(tSB@pcGaJRGNFRrVkFeL8MaoU! 
zQ_u`W;!nNLS}l zn5xcnGGz`eBtj!P{6}-<(eq64a=SAd83Y}llr0iJ);mMakT{b%@$WKAzKNDc<(2ce zKsd~l=$e3T(Afv(tKaue=tUyWpPB7@|MWrVOH<{6nZ4Yb(M$-$M;qJ1)etCBZeqp2 zWqVU_^y@D8PQ*Y)1ErZ&F$aQ#{4Z0t=!09tG?dPorkkHtNMX49KX=|$*$ITaiOMiu ze2eG-;w=}=JO@$W$-8>hX*T^;HSR-m%OcjQc;ppn>hxU%?k-E{e?sSLRW}{mgIO(h zL@7oTT8$^3cZ$KdKP<$WJIF5N1;u~t_oOk=ZPBR=%}r4^f@bcUhd~XiB1@VWB{$+A zS@44iUasPrhs*6G!k1*UqlfjHVz;&0cqvfxi(%DHUR;Sx$)t^-cosN6PbjCC9K$vP z9i@bC9)c9N`&47bUWN|WVbXh{%64?s0F0rbV{K0Y$&G2h#KjUD;`c!fz;cx=S~ci1 zu=yA55?}c5L7%Tu_t4pgzT`AzZ=PI9O)q%<$<+;H==-JR+<*LmG$$F_v#=*T4c|*e zwxl1Zg=tJ|+=l#v9=Tc|?fR_CjRK7Ojjq7gqHS-L>ZDxN*aS&<@k-ErENdB+_(Msr z+ahOO)Czc4UhE%Fp=E`VW|j0@D|{-&xY{nge~dUx+6{5iA>G|5}jk!?-M{Y;!gT zPpgUnn1{L#2~2lla%orE_`4Pt@<@vR%jlz^VOV6$h=nfX3s$@sikrq`p=~lrUHy`L z2|F*1f7bXfM^BT2?*>_f(0h#>Ub3~2`;J%wH}?a8t34C5yxrw4)0r#O~q zc6NjL#otwkTTsq)F0M2CgS@25xR(S5*TPc9bH-b+9Y8Xm$7CAZs!6Q169s*iY@D@9W}6CR@|w8rME0WioTYtX zd6!G@N*WN#O_+Qw7_-NLY45jyCqyBfmdb_|^a=d|U0927$lwe{RGqTv5tQX>7*5a@ zB{y?Wd?%`K700SrY1P)M)|S=(Jj1=NGT}tUj)tO%Z^F&I|2N56oVfmWh zS?(`TeAUB>^hR)ys=L{?*^y6z^MFJpMMfQ0o&f0ruK37CddywS^K5e-fKM_4aUt_* zI!Kp{gl&S>nXBBQt&oXy%tbXKnq#%CU+mfxd!U_vCbawlDLpEM8l_ZSub2FnlScya*%f^DC3(Q!Rcl(Yv8{9v!Qs2C zuYJaJ%pK-wBrW(p9Ks)QJ7RriFfZhJZK6fS_oRw8EjaSl|ejOy<5__*oH?9l6RGa}rxzdQ&!16Am)3NPYngQhEM zn!nezU=r2V=mvf=Vn@WYq@a4Drxf8dED5K>-?Si6k5z0f(b?GT3)pC;M`t?c4jjsyXM_Li;R%etmtsFQmrl&w?McC zz0txW#&k?^-Xv5co|z5QDHPe)Es{i2^H-3oO8Dz~HyX{;>HS&0RjgR<*lJz-(>hIh7zDY$)(Ffnyh< zZP&ZmTje82i3Q+q<-2vRM=et6xkbP@*A%I;K?;a&)>pEPNvDkMeUcfPRKMhpF>$;D z%_go7J#eU}3FoKgZWn(r_~%}VEwqqIsnCNIsXaxDohK~t(GCG-29q9zbS#@r{V?a? 
z`}&bX%HdVE!50zfMIOH5@S) zE8U{8>oVCB57(x(R8WTbhHcGaX>OH8>+{MMcntr{I`}3sc0R$F7~oU?R9E&#P+bl2 zt<$BzIlkf%!-(ixBP2Y!}p+FcJrxB9PQz04b++CgyxJ8dlLc9>U z?G~sm_EvST0hE2O4^j$>l^Qa1N$}F}RXRCxP|8Pz5FL+}g4(ab<|r{m zaq5Pju6R}rgF&a0e`+jiWn5V{IX(u39HEWVXQU|-X=7MikBPJwQ-Mmw{&1@@}<+^ovPk&*BrO=!i0Q&+Ux0_m79M%DvVg6 z?2%)k{rOxBmmd3NT)KrzhdbAXKMj#5U{5vNvJ+|=B%NoK@toh1Q+yuw-f~y?8^-Jp zMo4gHsdq1J)m%A|Qb4YlcRY4Uc)`}sRb?57mcX5;Z;wqAces*#d0Kyj$B9x!z#%c2 z73)mB@rP=Vov*+3cn*^7CnI0Nr+l42fn!0#x)JVE20snS)*O*8hcDr8%o*~7LG@5%K0>}{HVJ2V z@7vFy=fGLzUvqM^^?Cz;YW39&p3+;qaCW#kHmv#n!7$|h&*UG> z^I;&RaVAcMuA~oYMfrfpJEz}WZvMav*;z-epgO#T(Kc7L;9oTTAX@&ICk`l@o?7zJ zqpy9t(yT_trfJcdCx8>T&1I7&0=ou}fAsOY@6bfhZ@$h4)6XG9`48;PvQ*5?=2y%k zp3feshRg*Z2v03^eTj@O7^CB|f&EHEWa|#Cm72-Y$-lMYs^9HCDubfyCqP}t1@1{D zwm@gVO^q=Me{ynDY_M5&$$irxBemXx75xVSr4N^hPg*@~rdJaib4@~_O|+?1F`o`6 z)!@mUc&9^KHqgt{+*r$a!#{CNMMj&$`{5^~F^p-FiU;6nOwa*4LkiSY=XS13IvaWQ zptzMq=Qx_RmstYxE@0r&@6RRM*?J)QEo|v`xeJ|-+14yT777T330|{Mzu|pA?#FI| zMH7KLj~#lD1W2>EpF;5*J&T~rlAKFIzQJL|^`YgpTn{Ls+Cvv z;9U*ZZ|Nx_fA5ViO`%gds;d{3d_3$vMOABJ4p9#BjX2=bEVi~n8!mlQe=AJYJ#bhW zc%(p-JKPgq&L^kIlP7leBN3kNTl6oz0}Wei1mgi{I#x0*Z<7~mRy9pNv_a7LVJUOp zDo34;jXZ3ktNOLYVkaxI+&wOZKbWuCm(c?G5m|ZW4p>9-mP0W1H*5r8cuB=BNn%iy zGlx{GZa3>oycT>p?L!_63Rk$dZ{*zY2!RTi!*6{FCmaNm1hU(|){#82EK8B3w<2;w z*Psxo-tR`*{@g}5>1EAbJfL|H5OqlDy82OD>33+sZpRj-_{g(pi-WvowcN@q3|E4J z*heShJ+4@lXiJb(=U8)!N(^N(YG$u4Bt5&Vfjr0;E%_+DTy)TYo5n3(TZ=h|*o8;43%-un5c^mJdw0XyPa z1H*S7`DurkTg^W2Xtm||+q6?Fn0ep2HM!TK2s1oRz_ISmq{HrxLpuL0Watxy1mRlz zjgo`djls{b!&b^aWVqmFv#94-$ga^s2&#-_AoF?TXY|4gm@giz+fbTsMA z5|;&aesFA~R!~ilGa7#gCi`oeJ^7I5_ZBeGHlq{y4!*?K@rd{idQiyo!M=nZfbFo+ zdWXXy!bzcy6L{h|Hdo6mgg)D$E;ZzFRjhddOaY%wISz2S3u5C5J-$f3{W2B7tJtv# zDo?PM&DCLBP}>wcfDH=tDwy;#944;+c(zbDMsAm=^~?fXIamtCo`j|MCkFu$K+)#2 z(^5_P+k^+bG_*DXUmJFD^-?UbTX_<3rp^@uP~j~rhu$yve23a-1q)Wj3ZAN)>Dh8M zxqcTF!B=&UbEmHmCO#fzRrd1RoWPr-ND93Rndo#gl4OI@F<7m6dUR)%wOZCOP{0RW+4@{PMCXdhu&!WbqSl zi{NHdR9OI&(A$7Um(EBAyGl5XKV;ph+(;8r8VIIoQ8fQ{D-;X5n~&+oHp4Vy)!||a 
z-SAXZu74yV>@LD1_-2TvBe34V9D)!82;68XVpzVxf-W6gt$f{aVCrS*<)Jh|E;#Wj ztHaw>a9RDqU#qMjIQ4 zf%=97WGWc5BD02&2Eto9$8!Ls58$qUQ!PFqJwP@0a~kKJiu}b1hh(?{I+mMo?h}LI zk0#r|BAoM_CPgYyh{WQ!9gooZxZJPx+yZZ^@^y@=cr^R62JE|{^0$t_kkCU2%XlM2 zkKe1=qI@mi-(D%=bs=WCH}RvmT*PEHL3Vc-y3o$W@F-tSU<>pV=u#q=th`(N#-)_a zIr4Xr*?Z<|I;6$nJEnJK1TFnC9kj+x3wW>x?(A_41}y3D_<+)rC1TAuOd5NTI#GFq zby5f)i@HBxGyEyfSd)>KXyIszliq=S@gVXnbRq?}5UB^jFUs6&3>^U?iaynx6nsAa ztj;vBRg)J~%R`Wmcb_bp`yQ$kc(!f3Q1~{WpcR>gQ?dif$yC?($?4BcW3`UVE()g~ zB~zJ{kf+Xvv(GEri@2~;6D#bVanSb{c>h9NZgh*>h*l2dU+Uct`gbOBy=Zv5C3k6Y z``1hg^-uC^9bTh#7)Lb-!{emRb1Jkgbb(mm@<1! znLim(QDBzxhq(5TY#_EbOBxJJ#sKIFJr2h%eLnJbf{|Ez`}eH!;78%m1Ir(|%MLv} z9l^MYJOoC{M^OX@6o^iQ*_(7Td+l~=D+!|~O(Z+kqOUcQAALuMMvi6VZq6-G{B;9` zn6%V!OP}1|6KGg`h56YxmsrQn^BhI@A(1Rns$QEV331TjY!wwG%2isu&NigRcvPuJ z6^U|7u_qrY&gp6~*QT&i)W>do0QY-3qY53yoSTHb3%gvDPxr04y}-6mm;A)N74^Mp zer_UBu3yF`xuc$^oCE^Vw5J6_ZQI1`XWJ~NqV?R_NQ}l)%ss#17H%j` zpB8(14jz9EVLJZ|@&sOm!L6%Iq{fnC*A$E(tNpD=l-jIViA~wBs>*w<$1HH{>oMJJ zpSiIlnE@ZTVAp_GH|gEa_f1j@&{H4j*d{5DqW&3tWIy9Wu9MBXYTNxpetK+B^DyPK zRGaVPNJ9(cxbin!?UqSRjYk3vqhvft2SKxP+L!ycL)KZo#0(!vcspn&EHMihAl~u~ zpD8R!9HUIAt5oB?r}c)0Qe!=`xhzoA)^HMtWARp|Wsu+y0`y>Cd$ig~I8WJv{))n( zzVeN9aB(G47%v85k;A0FNF=`GU0?`j#BaD7yArvOFU4$9BsSOSf#TY!o$y9&9(`1U zYSM{&j|?@TYk!mvs4=WtOqh}s&*q3?kn~QT zekYYnTg@zBP&VZ52pBngbUp^Zq%JkDj6v?VOS09pep;mOcb9qNWX4p$pi%SzhA7-p zX1Nu+rq9qL?{ya~&gF@F8FiKqT6@?%mY zek#ft(k{kHuK|=yl=6nBh?u9J?A2$I`eo88^i-}YK`5cwb1hey zf}2iGw{%NvuRz?V0M;!Ii>L@FxfBkXjtGWl&QbSVC4W~K;fo&bTZGb7Mo! 
zwo%2$o{VwQ0ImA_jPI!47-pE5f-D&!-Y6rYKX)E0W&oQGzNC_O%X*Q@KqlHBcq*2x zHXD6Yb6*I$4>fa4KFIrNJ|{5f>gp=Idz$3!c zqRjQK0O4)_SlO->R`9FzG*idUO4%)2)%Om#)SPMaU^elk+$W~oS=mfd3EEPpVmoZ8oDL)CaH&Q zx;JEvIAnju-PcES_92jzGFjcQ+BQ%*El|Xs$P)0r5q&2cKOZ0zHQs7GrW@|- zD^Fdg7O7niHgl!g0Mg89+NE5xL5kFhY9lxoF27@*5TDs+4;}!U7-jlTaGi=UZ0~0w zzoJ;h2HaB~2f<0(bfR^9@)-aGNqqXE{IG2wn5Wc8x^tO2V&pN4HIc*!L4I=Dcq3wy zVl7KbtB|}H))wR@6-)n$w6>LGaqV3szs(cj4*Q-{44+D>AS+P3g14dr%thv2i;|fVBd_nm;Q@9t@=%DS^BP36k+7IeH;g_ z(-J!-W~Qma+k?-h@9)UhT>v^3*4uV$Tn)x1bEi4jim!yT`2nY=Md`x|t20nT*G3wE z&C}bPLc5<2MR9EY3*`CfKMdKu6fKli1R;4T$YMeWx9d(aB0OxdfNSsq{7(aiW`F=i)7WK3vPLGmT z`!yS@5EYQ9CCK4@`KC*Jr(mUXn)${S{0Gsa?>_695PT>{J&hE>i?fR3;06%BG05?a4>fGFT+hr MOkVV#uzukG0U=DnbN~PV literal 0 HcmV?d00001 From 58ffc42ccdb1847a311dce467792dc2ef0e343f2 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 12 Dec 2024 19:10:09 +0530 Subject: [PATCH 02/22] spell check --- .../cloud-to-cloud-integration-framework/dragos-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index 51520e7053..39eca330c6 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md @@ -45,7 +45,7 @@ Follow the instructions below to generate the API ID and API Secret: 1. Open the Dragos platform and navigate to the **Admin** > **User**. 1. Click **ADD NEW API KEY** under the **API Keys** section. 1. Enter the name of the API Key in the **Name** field and then click **GENERATE KEY**. -1. Copy the **API ID** and **API Secrect**. +1. Copy the **API ID** and **API Secret**. ### Source configuration From 70fdc070469cf5e16a9c31b37e0214a844862706 Mon Sep 17 00:00:00 2001 
From: Amee Lepcha Date: Thu, 12 Dec 2024 22:47:08 +0530 Subject: [PATCH 03/22] minor updates on file size --- blog-service/2024-12-12-collection.md | 14 +++++++++ .../product-list/product-list-a-l.md | 2 +- .../dragos-source.md | 30 ++++++------------- .../index.md | 2 +- 4 files changed, 25 insertions(+), 23 deletions(-) create mode 100644 blog-service/2024-12-12-collection.md diff --git a/blog-service/2024-12-12-collection.md b/blog-service/2024-12-12-collection.md new file mode 100644 index 0000000000..206f35fc3a --- /dev/null +++ b/blog-service/2024-12-12-collection.md @@ -0,0 +1,14 @@ +--- +title: Dragos C2C Source (Collection) +image: https://help.sumologic.com/img/sumo-square.png +keywords: + - collection + - dragos-source +hide_table_of_contents: true +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +icon + +We're excited to announce the release of our new cloud-to-cloud source for Dragos. This source helps you to collect address, asset, vulnerability, and zone details from the Dragos API and ingest them into Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source). \ No newline at end of file diff --git a/docs/integrations/product-list/product-list-a-l.md b/docs/integrations/product-list/product-list-a-l.md index 17453bff70..d84adcf074 100644 --- a/docs/integrations/product-list/product-list-a-l.md +++ b/docs/integrations/product-list/product-list-a-l.md 
@@ -197,7 +197,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Doppel](https://www.doppel.com/) | Partner integration: [Doppel Vision](https://github.com/SumoLogic/sumologic-public-partner-apps/tree/master/DoppelVision) | | Thumbnail icon | [Doppler](https://www.doppler.com/) | Partner integration: [Doppler](https://docs.doppler.com/docs/sumologic) | | Thumbnail icon | [Downdetector](https://downdetector.com/) | Automation integration: [Downdetector](/docs/platform-services/automation-service/app-central/integrations/downdetector/) | -| Thumbnail icon | [Dragos](https://www.dragos.com//) | Collector: [Dragos](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source) | +| Thumbnail icon | [Dragos](https://www.dragos.com//) | Collector: [Dragos](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source) | | Thumbnail icon | [Dropbox](https://www.dropbox.com/) | App: [Dropbox](/docs/integrations/saas-cloud/dropbox/)
Automation integration: [Dropbox](/docs/platform-services/automation-service/app-central/integrations/dropbox/)
Cloud SIEM integration: [Dropbox](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/a0a4317b-2185-4c72-a8f2-13033636a8d6.md)
Collector: [Dropbox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source/) | | Thumbnail icon | [Druva](https://www.druva.com/) | Apps:
- [Druva](/docs/integrations/saas-cloud/druva/)
- [Druva Cyber Resilience](/docs/integrations/saas-cloud/druva-cyber-resilience/)
Automation integration: [Druva](/docs/platform-services/automation-service/app-central/integrations/druva/)
Cloud SIEM integration: [Druva](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/fafcf2d2-4fb8-4903-92ad-5a5572ceb75a.md)
Collectors:
- [Druva Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-source/)
- [Druva Cyber Resilience Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-cyber-resilience-source/) | | Thumbnail icon | [Duo](https://duo.com/) | App: [Duo Security](/docs/integrations/security-threat-detection/duo-security/)
Automation integration: [Duo](/docs/platform-services/automation-service/app-central/integrations/duo/)
Cloud SIEM integration: [Druva](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/2a10e3c0-7835-4b29-81a4-9a7573b2f345.md)
Collector: [Duo Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source/) | diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index 39eca330c6..befa782886 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md @@ -12,7 +12,7 @@ import MyComponentSource from '!!raw-loader!/files/c2c/dragos/example.json'; import TerraformExample from '!!raw-loader!/files/c2c/dragos/example.tf'; import useBaseUrl from '@docusaurus/useBaseUrl'; -dragos-logo +dragos-logo Dragos is a cybersecurity platform with an ecosystem tailored for industrial environments, including Industrial Control Systems (ICS), Supervisory Control and Data Acquisition (SCADA), Distributed Control System (DCS), and Operational Technology (OT) environments. Dragos's Operational Technology (OT) offers clear visibility into your Industrial Control System (ICS) assets and communications. It monitors networks, detects threats, and addresses vulnerabilities without causing disruptions or shutdowns, helping you respond confidently to potential threats. @@ -23,10 +23,10 @@ The Dragos source collects address, asset, vulnerability, and zone details from | Polling Interval | Data | | :--- | :--- | -| 5 min | Vulnerability | -| 24 hrs | Addresses | -| 24 hrs | Zones | -| 24 hrs | Assets | +| 5 minutes | Vulnerability | +| 24 hours | Addresses | +| 24 hours | Zones | +| 24 hours | Assets | ## Setup 
@@ -93,22 +93,10 @@ Sources can be configured using UTF-8 encoded JSON files with the Collector Ma | requestEndpoint | String | Yes | `null` | The API URL to fetch the data from the Dragos log source. | `https://sumologic-dragos.cxc.dragos.cloud/` | | apiID | String | Yes | `null` | API ID of your account for authorization. | `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx` | | apiSecret | String | Yes | `null` | API Secret of your account for authorization. | `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx` | -| pollingIntervalVulnerabilityMin | String | Yes | `5 mins` | Time interval (in minutes) after which the source will check for new data for API. -Default: 5 min -Min: 5 min -Max: 60 min | | -| pollingIntervalAddressesHour | String | Yes | `24 hrs` | Time interval (in hours) after which the source will check for new data for API. -Default: 24 hrs -Min: 12 hrs -Max: 24 hrs | | -| pollingIntervalZonesHour | String | Yes | `24 hrs` | Time interval (in hours) after which the source will check for new data for API. -Default: 24 hrs -Min: 12 hrs -Max: 24 hrs | | -| pollingIntervalAssetsHour | String | Yes | `24 hrs` | Time interval (in hours) after which the source will check for new data for API. -Default: 24 hrs -Min: 12 hrs -Max: 24 hrs | | +| pollingIntervalVulnerabilityMin | String | Yes | `5 minutes` | Time interval (in minutes) after which the source will check for new data for API.
**Default**: 5 minutess
**Minimum**: 5 minutes
**Maximum**: 60 minutes | | +| pollingIntervalAddressesHour | String | Yes | `24 hours` | Time interval (in hours) after which the source will check for new data for API.
**Default**: 24 hours
**Minimum**: 12 hours
**Maximum**: 24 hours | | +| pollingIntervalZonesHour | String | Yes | `24 hours` | Time interval (in hours) after which the source will check for new data for API.
**Default**: 24 hours
**Minimum**: 12 hours
**Maximum**: 24 hours | | +| pollingIntervalAssetsHour | String | Yes | `24 hours` | Time interval (in hours) after which the source will check for new data for API.
**Default**: 24 hours
**Minimum**: 12 hours
**Maximum**: 24 hours | | | collectAddressDetails | Boolean | No | `True` | Specify if you need to collect the address details. | | | collectZoneDetails | Boolean | No | `True` | Specify if you need to collect the zone details. | | | collectDeviceDetails | Boolean | No | `True` | Specify if you need to collect the assets details. | | diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md index aa0bcbe5af..6f8096543f 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md @@ -249,7 +249,7 @@ In this section, we'll introduce the following concepts:
- Thumbnail icon

Dragos

+ Thumbnail icon

Dragos

Learn how to collect address, asset, vulnerability, and zone details from the Dragos API and send them to Sumo Logic.

From 5ed0ddd24b4a7d6c4d6b9e512a2ddf4c9f23f272 Mon Sep 17 00:00:00 2001 From: John Pipkin Date: Thu, 12 Dec 2024 13:31:05 -0600 Subject: [PATCH 04/22] Changed release note date to Dec 13 2024 --- .../{2024-12-12-collection.md => 2024-12-13-collection.md} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename blog-service/{2024-12-12-collection.md => 2024-12-13-collection.md} (100%) diff --git a/blog-service/2024-12-12-collection.md b/blog-service/2024-12-13-collection.md similarity index 100% rename from blog-service/2024-12-12-collection.md rename to blog-service/2024-12-13-collection.md From 4b3744cdff657b35e80767556c609ea208693da6 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 13 Dec 2024 12:31:05 +0530 Subject: [PATCH 05/22] Update docs/integrations/product-list/product-list-a-l.md Co-authored-by: John Pipkin (Sumo Logic) --- docs/integrations/product-list/product-list-a-l.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/integrations/product-list/product-list-a-l.md b/docs/integrations/product-list/product-list-a-l.md index d84adcf074..1cad5f7a02 100644 --- a/docs/integrations/product-list/product-list-a-l.md +++ b/docs/integrations/product-list/product-list-a-l.md 
@@ -197,7 +197,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Doppel](https://www.doppel.com/) | Partner integration: [Doppel Vision](https://github.com/SumoLogic/sumologic-public-partner-apps/tree/master/DoppelVision) | | Thumbnail icon | [Doppler](https://www.doppler.com/) | Partner integration: [Doppler](https://docs.doppler.com/docs/sumologic) | | Thumbnail icon | [Downdetector](https://downdetector.com/) | Automation integration: [Downdetector](/docs/platform-services/automation-service/app-central/integrations/downdetector/) | -| Thumbnail icon | [Dragos](https://www.dragos.com//) | Collector: [Dragos](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source) | +| Thumbnail icon | [Dragos](https://www.dragos.com//) | Collector: [Dragos Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source) | | Thumbnail icon | [Dropbox](https://www.dropbox.com/) | App: [Dropbox](/docs/integrations/saas-cloud/dropbox/)
Automation integration: [Dropbox](/docs/platform-services/automation-service/app-central/integrations/dropbox/)
Cloud SIEM integration: [Dropbox](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/a0a4317b-2185-4c72-a8f2-13033636a8d6.md)
Collector: [Dropbox Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source/) | | Thumbnail icon | [Druva](https://www.druva.com/) | Apps:
- [Druva](/docs/integrations/saas-cloud/druva/)
- [Druva Cyber Resilience](/docs/integrations/saas-cloud/druva-cyber-resilience/)
Automation integration: [Druva](/docs/platform-services/automation-service/app-central/integrations/druva/)
Cloud SIEM integration: [Druva](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/fafcf2d2-4fb8-4903-92ad-5a5572ceb75a.md)
Collectors:
- [Druva Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-source/)
- [Druva Cyber Resilience Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-cyber-resilience-source/) | | Thumbnail icon | [Duo](https://duo.com/) | App: [Duo Security](/docs/integrations/security-threat-detection/duo-security/)
Automation integration: [Duo](/docs/platform-services/automation-service/app-central/integrations/duo/)
Cloud SIEM integration: [Druva](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/2a10e3c0-7835-4b29-81a4-9a7573b2f345.md)
Collector: [Duo Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/duo-source/) | From a0b671354b9e7e41a9a78744dee6463f2d5c630f Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 13 Dec 2024 12:31:45 +0530 Subject: [PATCH 06/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: John Pipkin (Sumo Logic) --- .../cloud-to-cloud-integration-framework/dragos-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index befa782886..37b207f55e 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md @@ -49,7 +49,7 @@ Follow the instructions below to generate the API ID and API Secret: ### Source configuration -When you create a Dragos Source, you add it to a Hosted Collector. Before creating the Source, identify the Hosted Collector you want to use or create a new Hosted Collector. For instructions, see [Configure a Hosted Collector](/docs/send-data/hosted-collectors/configure-hosted-collector). +When you create a Dragos Source, you add it to a Hosted Collector. Before creating the Source, identify the Hosted Collector you want to use or create a new Hosted Collector. For instructions, see [Configure a Hosted Collector and Source](/docs/send-data/hosted-collectors/configure-hosted-collector). To configure a Dragos Source: 1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Collection > Collection**.
[**New UI**](/docs/get-started/sumo-logic-ui). In the Sumo Logic top menu select **Configuration**, and then under **Data Collection** select **Collection**. You can also click the **Go To...** menu at the top of the screen and select **Collection**. From e54b7ac1126e641f7aea861b9e68e6ea31efd05f Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 13 Dec 2024 12:32:17 +0530 Subject: [PATCH 07/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: John Pipkin (Sumo Logic) --- .../cloud-to-cloud-integration-framework/dragos-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index 37b207f55e..2723fc43a4 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md @@ -74,7 +74,7 @@ To configure a Dragos Source: ## JSON schema -Sources can be configured using UTF-8 encoded JSON files with the Collector Management API. See [how to use JSON to configure Sources](/docs/send-data/use-json-configure-sources) for details.  +Sources can be configured using UTF-8 encoded JSON files with the Collector Management API. See [Use JSON to Configure Sources](/docs/send-data/use-json-configure-sources) for details.  | Parameter | Type | Value | Required | Description | |:--|:--|:--|:--|:--| From b87ccde16ddfbcd5100fdb2d9e11986444e7cddd Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 13 Dec 2024 12:32:40 +0530 Subject: [PATCH 08/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: John Pipkin (Sumo Logic) --- .../cloud-to-cloud-integration-framework/dragos-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index 2723fc43a4..ed230e95a5 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -89,7 +89,7 @@ Sources can be configured using UTF-8 encoded JSON files with the Collector Ma | name | String | Yes | `null` | Type a desired name of the source. The name must be unique per Collector. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_source`. | `"mySource"` | | description | String | No | `null` | Type a description of the source. | `"Testing source"` | | category | String | No | `null` | Type a category of the source. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_sourceCategory`. See [best practices](/docs/send-data/best-practices) for details. | `"mySource/test"` | -| fields | JSON Object | No | `null` | JSON map of key-value fields (metadata) to apply to the collector or source. Use the boolean field _siemForward to enable forwarding to SIEM.| `{"_siemForward": false, "fieldA": "valueA"}` | +| fields | JSON Object | No | `null` | JSON map of key-value fields (metadata) to apply to the collector or source. Use the boolean field `_siemForward` to enable forwarding to SIEM.| `{"_siemForward": false, "fieldA": "valueA"}` | | requestEndpoint | String | Yes | `null` | The API URL to fetch the data from the Dragos log source. | `https://sumologic-dragos.cxc.dragos.cloud/` | | apiID | String | Yes | `null` | API ID of your account for authorization. | `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx` | | apiSecret | String | Yes | `null` | API Secret of your account for authorization. | `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx` | From 18b9ad004c867b9e4147e59263c027e54e2a135b Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 10:55:53 +0530 Subject: [PATCH 09/22] Create 2024-12-16-collection.md --- blog-service/2024-12-16-collection.md | 14 ++++++++++++++ 1 file changed, 14 insertions(+) create mode 100644 blog-service/2024-12-16-collection.md 
diff --git a/blog-service/2024-12-16-collection.md b/blog-service/2024-12-16-collection.md
new file mode 100644
index 0000000000..206f35fc3a
--- /dev/null
+++ b/blog-service/2024-12-16-collection.md
@@ -0,0 +1,14 @@
+---
+title: Dragos C2C Source (Collection)
+image: https://help.sumologic.com/img/sumo-square.png
+keywords:
+ - collection
+ - dragos-source
+hide_table_of_contents: true
+---
+
+import useBaseUrl from '@docusaurus/useBaseUrl';
+
+icon
+
+We're excited to announce the release of our new cloud-to-cloud source for Dragos. This source helps you to collect address, asset, vulnerability, and zone details from the Dragos API and ingest them into Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source).
\ No newline at end of file
From 931441b65e7db73d0df6c7dec2562340e0c94232 Mon Sep 17 00:00:00 2001
From: Amee Lepcha
Date: Mon, 16 Dec 2024 10:57:23 +0530
Subject: [PATCH 10/22] Delete 2024-12-13-collection.md
---
blog-service/2024-12-13-collection.md | 14 --------------
1 file changed, 14 deletions(-)
delete mode 100644 blog-service/2024-12-13-collection.md
diff --git a/blog-service/2024-12-13-collection.md b/blog-service/2024-12-13-collection.md
deleted file mode 100644
index 206f35fc3a..0000000000
--- a/blog-service/2024-12-13-collection.md
+++ /dev/null
@@ -1,14 +0,0 @@
----
-title: Dragos C2C Source (Collection)
-image: https://help.sumologic.com/img/sumo-square.png
-keywords:
- - collection
- - dragos-source
-hide_table_of_contents: true
----
-
-import useBaseUrl from '@docusaurus/useBaseUrl';
-
-icon
-
-We're excited to announce the release of our new cloud-to-cloud source for Dragos. This source helps you to collect address, asset, vulnerability, and zone details from the Dragos API and ingest them into Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source).
\ No newline at end of file
From 19f9fe8ac959e68d5f4daddd3d9acf9c1e5b6c34 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 10:58:18 +0530 Subject: [PATCH 11/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index ed230e95a5..cbcbf87c56 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -60,7 +60,7 @@ To configure a Dragos Source: 1. (Optional) **Fields**. Click the **+Add** button to define the fields you want to associate. Each field needs a name (key) and value. * ![green check circle.png](/img/reuse/green-check-circle.png) A green circle with a check mark is shown when the field exists in the Fields table schema. * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema is ignored, known as dropped. -1. Enter the **Endpoint URL** of Dragos platform. For example, `https://test.cxc.dragos.cloud/`. +1. **Endpoint URL**. Enter the Dragos platform endpoint URL. For example, `https://test.cxc.dragos.cloud/`. 1. Enter the following details for authorization: 1. **API ID**. API ID of your account. For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. API Secret of your account. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. From db5d44d283700de67ef6da80d5240cb86add18e9 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 10:58:24 +0530 Subject: [PATCH 12/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index cbcbf87c56..cc95bf9854 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
+++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md @@ -42,7 +42,8 @@ You can use the Hostname to create the Endpoint URL. For example, `https:// **User**. +1. Sign in to the Dragos platform. +1. Navigate to the **Admin** > **User**. 1. Click **ADD NEW API KEY** under the **API Keys** section. 1. Enter the name of the API Key in the **Name** field and then click **GENERATE KEY**. 1. Copy the **API ID** and **API Secret**. From d97482d3254be64d6137a15f99c9b801b9b28c61 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:10:47 +0530 Subject: [PATCH 13/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index cc95bf9854..b2599302a0 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -62,7 +62,8 @@ To configure a Dragos Source: * ![green check circle.png](/img/reuse/green-check-circle.png) A green circle with a check mark is shown when the field exists in the Fields table schema. * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema is ignored, known as dropped. 1. **Endpoint URL**. Enter the Dragos platform endpoint URL. For example, `https://test.cxc.dragos.cloud/`. -1. Enter the following details for authorization: +1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. +1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. **API ID**. API ID of your account. For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. API Secret of your account. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. Check the following boxes to collect the required data: From f044f038517ed9cb7d9e51c6ced45d281d8b2be9 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:11:04 +0530 Subject: [PATCH 14/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 1 - 1 file changed, 1 deletion(-) 
diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index b2599302a0..09f02573a5 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md @@ -64,7 +64,6 @@ To configure a Dragos Source: 1. **Endpoint URL**. Enter the Dragos platform endpoint URL. For example, `https://test.cxc.dragos.cloud/`. 1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. - 1. **API ID**. API ID of your account. For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. API Secret of your account. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. Check the following boxes to collect the required data: 1. **Collect Vulnerability** From 85d06b6a306620ca8c3c189e916ea36d8b2f967a Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:11:22 +0530 Subject: [PATCH 15/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index 09f02573a5..0d6cf7eb19 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
+++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md @@ -64,7 +64,6 @@ To configure a Dragos Source: 1. **Endpoint URL**. Enter the Dragos platform endpoint URL. For example, `https://test.cxc.dragos.cloud/`. 1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. - 1. **API Secret**. API Secret of your account. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. Check the following boxes to collect the required data: 1. **Collect Vulnerability** 1. **Collect Addresses** From 3eb1a50a52f28a535026581bd26a991d87f430a8 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:11:36 +0530 Subject: [PATCH 16/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index 0d6cf7eb19..c8ae96d368 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -69,7 +69,7 @@ To configure a Dragos Source: 1. **Collect Addresses** 1. **Collect Zones** 1. **Collect Assets** -1. **Processing Rules**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). +1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in the [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). 1. When you are finished configuring the Source, click **Save**. ## JSON schema From 0ae205030c64c4cedcba6890b1d73a55de4f02b1 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:11:57 +0530 Subject: [PATCH 17/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index c8ae96d368..ee54d81beb 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -64,7 +64,7 @@ To configure a Dragos Source: 1. **Endpoint URL**. Enter the Dragos platform endpoint URL. For example, `https://test.cxc.dragos.cloud/`. 1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. -1. Check the following boxes to collect the required data: +1. Select the checkbox depending on the type of data that you wish to collect. 1. **Collect Vulnerability** 1. **Collect Addresses** 1. **Collect Zones** From d647fd6a5fa3cf3fc8a6662bae11dec51a96d3d3 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:12:17 +0530 Subject: [PATCH 18/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index ee54d81beb..20439e4156 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -65,7 +65,6 @@ To configure a Dragos Source: 1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. Select the checkbox depending on the type of data that you wish to collect. - 1. **Collect Vulnerability** 1. **Collect Addresses** 1. **Collect Zones** 1. **Collect Assets** From bbd208a6000468fc7fab4557584f61aaf78404c2 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:12:34 +0530 Subject: [PATCH 19/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index 20439e4156..b31c0ce84e 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -65,7 +65,6 @@ To configure a Dragos Source: 1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. Select the checkbox depending on the type of data that you wish to collect. - 1. **Collect Addresses** 1. **Collect Zones** 1. **Collect Assets** 1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in the [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). From 5ca856e4791d4bdf43e9585037d1e492e1037a40 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:12:44 +0530 Subject: [PATCH 20/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index b31c0ce84e..b382337373 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -65,7 +65,6 @@ To configure a Dragos Source: 1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. Select the checkbox depending on the type of data that you wish to collect. - 1. **Collect Zones** 1. **Collect Assets** 1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in the [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). 1. When you are finished configuring the Source, click **Save**. From 5205d455ff833858bcaf4105e276fd81886f45f0 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:12:56 +0530 Subject: [PATCH 21/22] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/dragos-source.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md index b382337373..6e30b15d6c 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source.md 
@@ -65,7 +65,6 @@ To configure a Dragos Source: 1. **API ID**. Enter the API ID of your account collected from the [Dragos platform](#vendor-configuration). For example, `036fxxxx-b642-xxxx-99d3-fcxxxx2exxxx`. 1. **API Secret**. Enter the API Secret of your account collected from the [Dragos platform](#vendor-configuration).. For example, `xxxU1TxxxxxxxxKSJwHYOpK37xxxxxxxxrEHAkU91xxxxxxxxxFrrJ06xxx`. 1. Select the checkbox depending on the type of data that you wish to collect. - 1. **Collect Assets** 1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in the [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). 1. When you are finished configuring the Source, click **Save**. From b71461e67b631e55662fcf03e3e06a0caf5eddfa Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Mon, 16 Dec 2024 13:13:16 +0530 Subject: [PATCH 22/22] Update sidebars.ts Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- sidebars.ts | 1 + 1 file changed, 1 insertion(+) diff --git a/sidebars.ts b/sidebars.ts index 0d45ed3d0d..c354d036e0 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -424,6 +424,7 @@ module.exports = { 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/cybereason-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/digital-guardian-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/docusign-source', + 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/dragos-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/druva-cyber-resilience-source',
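Review bot: In the `sidebars.ts` hunk the added `dropbox-source` entry lands before `dragos-source`, which breaks the alphabetical order the neighbouring entries follow (`docusign-source`, `dragos-source`, `druva-source`). It should sit one line lower, so that the list reads `'…/dragos-source',` and then `'send-data/hosted-collectors/cloud-to-cloud-integration-framework/dropbox-source',`. The first patch's diffstat shows one insertion and one deletion in `sidebars.ts`, so this presumably restores an entry that patch replaced; the commit message "Update sidebars.ts" should say so. Only seven lines of the array are visible here, so it is also worth confirming that `dropbox-source` is not already listed elsewhere in it.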