From 99439af9abe5aadfaf3b6279a60a1e227d81b146 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Wed, 8 Jan 2025 23:24:51 +0530 Subject: [PATCH 1/3] Updated the Code42 doc (C2C) --- .../code42-incydr-source.md | 6 +++--- static/files/c2c/code42-incydr/example.json | 2 +- static/files/c2c/code42-incydr/example.tf | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md index 393b60a748..a91b4b5e41 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md @@ -5,7 +5,7 @@ sidebar_label: Code42 Incydr tags: - cloud-to-cloud - code42-incydr -description: Learn how to collect alerts, file events, and audit logs from the Code42 Incydr. +description: Learn how to collect sessions, file events, and audit logs from the Code42 Incydr. --- import CodeBlock from '@theme/CodeBlock'; import ExampleJSON from '/files/c2c/code42-incydr/example.json'; @@ -17,13 +17,13 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; The Code42 Incydr is an insider risk management solution that allows you to detect and respond to data exposure and exfiltration from corporate computer, cloud, and email systems. It provides the visibility, context, and controls needed to protect data without overwhelming security teams or inhibiting employee productivity. -Code42 Incydr source is used to analyze and fetch file events, alerts and audit logs from the Code42 Incydr API and send it to Sumo Logic. +Code42 Incydr source is used to analyze and fetch sessions, file events, and audit logs from the [Code42 Incydr API](https://developer.code42.com/api) and send it to Sumo Logic. ## Data collected | Polling Interval | Data | | :--- | :--- | -| 5 min | [Alerts, File Events, and Audit Logs (Audit Events)](https://developer.code42.com/api) | +| 5 min | [Sessions](https://developer.code42.com/api/#tag/Alerts-and-Sessions/operation/SearchSessions), [File Events](https://developer.code42.com/api/#tag/File-Events/operation/searchEvents), and [Audit Logs](https://developer.code42.com/api/#tag/Audit-Log/operation/searchAuditLog) | ## Setup diff --git a/static/files/c2c/code42-incydr/example.json b/static/files/c2c/code42-incydr/example.json index 35573e1d47..bcd8de36bd 100644 --- a/static/files/c2c/code42-incydr/example.json +++ b/static/files/c2c/code42-incydr/example.json @@ -10,7 +10,7 @@ "secretKey": "XXXXV%DsznXXX!hxr479cXsxxnbkX@vxxrxkbfxc", "dataCollection": [ "auditEvents", - "alerts", + "sessions", "fileEvents" ] }, diff --git a/static/files/c2c/code42-incydr/example.tf b/static/files/c2c/code42-incydr/example.tf index e20b0d8636..2d129fb5c4 100644 --- a/static/files/c2c/code42-incydr/example.tf +++ b/static/files/c2c/code42-incydr/example.tf @@ -12,7 +12,7 @@ resource "sumologic_cloud_to_cloud_source" "code42incydr_source" { "secretKey": "XXXXV%DsznXXX!hxr479cXsxxnbkX@vxxrxkbfxc", "dataCollection": [ "auditEvents", - "alerts", + "sessions", "fileEvents" ] }) From e2fbac4ad3c493cf0e3fc12013ffbf9198e440dc Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 10 Jan 2025 12:03:46 +0530 Subject: [PATCH 2/3] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../code42-incydr-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md index a91b4b5e41..aab5c5ccd2 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md @@ -17,7 +17,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; The Code42 Incydr is an insider risk management solution that allows you to detect and respond to data exposure and exfiltration from corporate computer, cloud, and email systems. It provides the visibility, context, and controls needed to protect data without overwhelming security teams or inhibiting employee productivity. -Code42 Incydr source is used to analyze and fetch sessions, file events, and audit logs from the [Code42 Incydr API](https://developer.code42.com/api) and send it to Sumo Logic. +Code42 Incydr source is used to analyze and fetch sessions, file events, and audit logs using the [Code42 Incydr API](https://developer.code42.com/api) and send it to Sumo Logic. ## Data collected From df0eece34a9653426dcc6a3f304bb614908fc3d8 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Fri, 10 Jan 2025 12:06:54 +0530 Subject: [PATCH 3/3] updated the Polling Interval table --- .../code42-incydr-source.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md index a91b4b5e41..dfd15b2baa 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/code42-incydr-source.md @@ -23,7 +23,9 @@ Code42 Incydr source is used to analyze and fetch sessions, file events, and aud | Polling Interval | Data | | :--- | :--- | -| 5 min | [Sessions](https://developer.code42.com/api/#tag/Alerts-and-Sessions/operation/SearchSessions), [File Events](https://developer.code42.com/api/#tag/File-Events/operation/searchEvents), and [Audit Logs](https://developer.code42.com/api/#tag/Audit-Log/operation/searchAuditLog) | +| 5 minutes | [Sessions](https://developer.code42.com/api/#tag/Alerts-and-Sessions/operation/SearchSessions) | +| 5 minutes | [File Events](https://developer.code42.com/api/#tag/File-Events/operation/searchEvents) | +| 5 minutes | [Audit Logs](https://developer.code42.com/api/#tag/Audit-Log/operation/searchAuditLog) | ## Setup