From 3b869bf15c2affbbb53999f083cf943e16b67144 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 14:37:16 +0530 Subject: [PATCH 01/23] Sysdig Secure (c2c Collector) --- blog-service/2025-02-17-collection.md | 14 +++ cid-redirects.json | 1 + .../product-list/product-list-m-z.md | 2 +- .../index.md | 6 + .../sysdig-secure-source.md | 109 ++++++++++++++++++ sidebars.ts | 1 + static/files/c2c/sysdig-secure/example.json | 19 +++ static/files/c2c/sysdig-secure/example.tf | 21 ++++ 8 files changed, 172 insertions(+), 1 deletion(-) create mode 100644 blog-service/2025-02-17-collection.md create mode 100644 docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md create mode 100644 static/files/c2c/sysdig-secure/example.json create mode 100644 static/files/c2c/sysdig-secure/example.tf diff --git a/blog-service/2025-02-17-collection.md b/blog-service/2025-02-17-collection.md new file mode 100644 index 0000000000..4bea3811de --- /dev/null +++ b/blog-service/2025-02-17-collection.md @@ -0,0 +1,14 @@ +--- +title: Sysdig Secure Source (Collection) +image: https://help.sumologic.com/img/sumo-square.png +keywords: + - apps + - sysdig-secure-source +hide_table_of_contents: true +--- + +import useBaseUrl from '@docusaurus/useBaseUrl'; + +icon + +We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source helps you collect the complete scan results produced by the scanner from Sysdig API and send them to Sumologic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source). \ No newline at end of file diff --git a/cid-redirects.json b/cid-redirects.json index 4031331d25..6c58bdd17a 100644 --- a/cid-redirects.json +++ b/cid-redirects.json 
@@ -1848,6 +1848,7 @@ "/cid/19665": "/docs/integrations/microsoft-azure/microsoft-defender-for-cloud", "/cid/1966": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/carbon-black-cloud-source", "/cid/1987": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source", + "/cid/1996": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source", "/cid/1257": "/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/atlassian-source", "/cid/1967": "/docs/integrations/web-servers/iis-10", "/cid/1968": "/docs/integrations/partner-ecosystem-apps/", diff --git a/docs/integrations/product-list/product-list-m-z.md b/docs/integrations/product-list/product-list-m-z.md index 86622e58a6..03a7cf9502 100644 --- a/docs/integrations/product-list/product-list-m-z.md +++ b/docs/integrations/product-list/product-list-m-z.md @@ -163,7 +163,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Sumo Logic](https://www.sumologic.com/) | Apps:
- [Enterprise Audit - Cloud SIEM](/docs/integrations/sumo-apps/cse/)
- [Flex](/docs/integrations/sumo-apps/flex/)
- [Sumo Logic Audit App](/docs/integrations/sumo-apps/audit/)
- [Sumo Logic Data Volume App](/docs/integrations/sumo-apps/data-volume/)
- [Sumo Logic Enterprise Audit Apps](/docs/integrations/sumo-apps/enterprise-audit/) (multiple apps)
- [Sumo Logic Enterprise Search Audit App](/docs/integrations/sumo-apps/enterprise-search-audit/)
- [Sumo Logic Infrequent Data Tier App](/docs/integrations/sumo-apps/infrequent-data-tier/)
- [Sumo Logic Log Analysis QuickStart App](/docs/integrations/sumo-apps/log-analysis-quickstart/)
- [Sumo Logic Security Analytics App](/docs/integrations/sumo-apps/security-analytics/)
Automation integrations:
- [Automation Tools](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-automation-tools/)
- [Basic Tools](/docs/platform-services/automation-service/app-central/integrations/basic-tools/)
- [ESMTP](/docs/platform-services/automation-service/app-central/integrations/esmtp/)
- [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools/)
- [Incident Tools](/docs/platform-services/automation-service/app-central/integrations/incident-tools/)
- [IMAP](/docs/platform-services/automation-service/app-central/integrations/imap/)
- [Mail Tools](/docs/platform-services/automation-service/app-central/integrations/mail-tools/)
- [POP3](/docs/platform-services/automation-service/app-central/integrations/pop3/)
- [SMTP V3](/docs/platform-services/automation-service/app-central/integrations/smtp-v3/)
- [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem/)
- [Sumo Logic Cloud SIEM Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem-internal/)
- [Sumo Logic Log Analytics](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics/)
- [Sumo Logic Log Analytics Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics-internal/)
- [Sumo Logic Notifications](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications/)
- [Sumo Logic Notifications by Gmail](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-gmail/)
- [Sumo Logic Notifications by Microsoft](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-microsoft)
- [Triage Tools](/docs/platform-services/automation-service/app-central/integrations/triage-tools/)
- [ZIP Tools](/docs/platform-services/automation-service/app-central/integrations/zip-tools/)
Cloud SIEM integration: [Sumo Logic](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/34A5019C-7BEC-4BF8-A3B7-C38D567126C6.md)
Collector: [Universal Connector](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source)
Community app: [Cloud Security Posture Management (CSPM) for Sumo Logic](https://github.com/SumoLogic/sumologic-content/tree/master/CSPM) | | Thumbnail icon | [Superwise](https://superwise.ai/) | Webhook: [Superwise](/docs/integrations/webhooks/superwise/) | | Thumbnail icon | [Symantec](https://sep.securitycloud.symantec.com/v2/landing) | App:
- [Symantec Endpoint Security Service](/docs/integrations/saas-cloud/symantec-endpoint-security-service/)
- [Symantec Web Security Service](/docs/integrations/saas-cloud/symantec-web-security-service/)
Automation integrations:
- [Javelin AD Protect](/docs/platform-services/automation-service/app-central/integrations/javelin-ad-protect/)
- [Symantec DeepSight](/docs/platform-services/automation-service/app-central/integrations/symantec-deepsight/)
- [Symantec EDR](/docs/platform-services/automation-service/app-central/integrations/symantec-edr/)
- [Symantec Endpoint Protection](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection/)
- [Symantec Endpoint Protection Cloud](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection-cloud/)
- [Symantec Secure Web Gateway (Bluecoat)](/docs/platform-services/automation-service/app-central/integrations/symantec-secure-web-gateway-bluecoat/)
- [Symantec WebPulse](/docs/platform-services/automation-service/app-central/integrations/symantec-webpulse/)
Collectors:
- [Symantec Endpoint Security Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source/)
- [Symantec Web Security Service Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-web-security-service-source/)
- [Symantec Proxy Secure Gateway - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/symantec-proxy-secure-gateway/)
- [Symantec Proxy Secure Gateway (Blue Coat Proxy) - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/symantec-proxy-secure-gateway-blue-coat-proxy/)
Cloud SIEM integration: [Symantec](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/64c7f49c-f95a-4f4a-8540-56ec5fb1d96b.md)
Community app: [Sumo Logic for Symantec WSS](https://github.com/SumoLogic/sumologic-content/tree/master/Symantec/WSS) | -| Thumbnail icon | [Sysdig](https://sysdig.com/) | Cloud SIEM integration: [Sysdig](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c4de0854-e718-45e1-a4c8-63623755aa43.md) | +| Thumbnail icon | [Sysdig](https://sysdig.com/) | Collector: [Sysdig Secure](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md)
Cloud SIEM integration: [Sysdig](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c4de0854-e718-45e1-a4c8-63623755aa43.md) | | Thumbnail icon | [syslog-ng](https://www.syslog-ng.com/) | Automation integration: [Syslog-NG](/docs/platform-services/automation-service/app-central/integrations/syslog-ng/)
Collector: [syslog-ng](/docs/send-data/hosted-collectors/cloud-syslog-source/syslog-ng/) | ## T diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md index 5fe525a54e..aeda23f7cf 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md @@ -491,6 +491,12 @@ In this section, we'll introduce the following concepts:

Learn to receive WSS Access logs from the Symantec WSS API.

+
+
+ icon

Sysdig Secure

+

Collect the complete scan results produced by the scanner from Sysdig API.

+
+
icon

Tenable

diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md new file mode 100644 index 0000000000..46d7455447 --- /dev/null +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md 
@@ -0,0 +1,109 @@ +--- +id: sysdig-secure-source +title: Sysdig Secure Source +sidebar_label: Sysdig Secure +tags: + - cloud-to-cloud + - sysdig-secure +description: The Sysdig Secure Source aims to collect the complete scan results produced by the scanner from Sysdig API and send them to Sumologic. +--- + +import CodeBlock from '@theme/CodeBlock'; +import ExampleJSON from '/files/c2c/sysdig-secure/example.json'; +import MyComponentSource from '!!raw-loader!/files/c2c/sysdig-secure/example.json'; +import TerraformExample from '!!raw-loader!/files/c2c/sysdig-secure/example.tf'; +import ForwardToSiem from '/docs/reuse/forward-to-siem.md'; +import useBaseUrl from '@docusaurus/useBaseUrl'; + +icon + +Sysdig Secure is a security platform that helps monitor and protect cloud-native environments, especially those using mordern containers and Kubernetes. It helps organizations detect, prevent, and respond to security threats while ensuring compliance in real-time. + +## Data collected + +| Polling Interval | Data | Description | +| :--- | :--- | :--- | +| 24 hours | Runtime Scan Result | Provides a list of runtime scan results discovered by the runtime scanner. | +| 5 minutes | Full Scan Result | Provides the full scan details of the provided scan result ID. | + +## Setup + +### Vendor configuration + +The Sysdig Secure Source supports API token-based authentication and requires you to provide the Sysdig Secure Base URL and API token to access the data. + +#### Base URL + +The **Base URL** is the Sysdig Secure domain URL that corresponds to the region in which the account is created. For example, `https:`. + +#### Bearer token + +The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. + +Follow the steps below to retrieve the Sysdig API token: + +1. Log in to **Sysdig Secure** and then select **Settings** from the user menu. +1. Click **User Profile** to view the **Sysdig Secure API** token in the UI. +1. 
Copy the token or click the **Reset Token** button to generate a new one. + +:::info +When a token is reset, the previously issued token will immediately become invalid. +::: + +### Source configuration + +When you create a Sysdig Secure Source, you add it to a Hosted Collector. Before creating the Source, identify the Hosted Collector you want to use or create a new Hosted Collector. For instructions, see [Configure a Hosted Collector and Source](/docs/send-data/hosted-collectors/configure-hosted-collector). + +To configure a Sysdig Secure Source: +1. [**Classic UI**](/docs/get-started/sumo-logic-ui-classic). In the main Sumo Logic menu, select **Manage Data > Collection > Collection**.
[**New UI**](/docs/get-started/sumo-logic-ui). In the Sumo Logic top menu select **Configuration**, and then under **Data Collection** select **Collection**. You can also click the **Go To...** menu at the top of the screen and select **Collection**. +1. On the Collection page, click **Add Source** next to a Hosted Collector. +1. Search for and select **Sysdig Secure**. +1. Enter a **Name** for the Source. The description is optional. +1. (Optional) For **Source Category**, enter any string to tag the output collected from the Source. Category metadata is stored in a searchable field called `_sourceCategory`. +1. (Optional) **Fields**. Click the **+Add** button to define the fields you want to associate. Each field needs a name (key) and value. + * ![green check circle.png](/img/reuse/green-check-circle.png) A green circle with a check mark is shown when the field exists in the Fields table schema. + * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema is ignored, known as dropped. +1. **Base URL**. Enter the [Sysdig Secure platform](#base-url) Base URL. For example, `https://eu1.app.sysdig.com`. +1. **Bearer Token**. Enter the Sysdig Secure API token collected from the [Sysdig Secure platform](#bearer-token). For example, `t3fPdsbxxxxxxxxxp4D6hbi4`. +1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). +1. When you are finished configuring the Source, click **Save**. + +## JSON schema + +Sources can be configured using UTF-8 encoded JSON files with the Collector Management API. 
See [Use JSON to Configure Sources](/docs/send-data/use-json-configure-sources) for details.  + +| Parameter | Type | Value | Required | Description | +|:--|:--|:--|:--|:--| +| schemaRef | JSON Object | `{“type”: “Sysdig Secure”}` | Yes | Define the specific schema type. | +| sourceType | String | `"Universal"` | Yes | Type of source. | +| config | JSON Object | [Configuration object](#configuration-object) | Yes | Source type specific values. | + +### Configuration Object + +| Parameter | Type | Required | Default | Description | Example | +|:--|:--|:--|:--|:--|:--| +| name | String | Yes | `null` | Type a desired name of the source. The name must be unique per Collector. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_source`. | `"mySource"` | +| description | String | No | `null` | Type a description of the source. | `"Testing source"` | +| category | String | No | `null` | Type a category of the source. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_sourceCategory`. See [best practices](/docs/send-data/best-practices) for details. | `"mySource/test"` | +| fields | JSON Object | No | `null` | JSON map of key-value fields (metadata) to apply to the collector or source. Use the boolean field `_siemForward` to enable forwarding to SIEM.| `{"_siemForward": false, "fieldA": "valueA"}` | +| baseURL | String | Yes | `null` | The Sysdig base URL of your region. | `https://api.us2.sysdig.com` | +| apiToken | String | Yes | `null` | The API Token of your Sysdig account. | `t3fPdsbxxxxxxxxxp4D6hbi4` | +| filters | Array | No | `null` | An array of key-value pairs to filter the data. For key-value pairs, the length is set to 256 characters and the API accepts a maximum length of 1024 characters for the filter. 
| | + +### JSON example + +{MyComponentSource} + +Download example + +### Terraform example + +{TerraformExample} + +Download example + +## FAQ + +:::info +Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. +::: \ No newline at end of file diff --git a/sidebars.ts b/sidebars.ts index 41a76fb74d..65b3aa2db8 100644 --- a/sidebars.ts +++ b/sidebars.ts @@ -469,6 +469,7 @@ module.exports = { //'send-data/hosted-collectors/cloud-to-cloud-integration-framework/sumo-logic-kickstart-data-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-web-security-service-source', + 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/tenable-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/trellix-mvisio-epo-source', 'send-data/hosted-collectors/cloud-to-cloud-integration-framework/trend-micro-source', diff --git a/static/files/c2c/sysdig-secure/example.json b/static/files/c2c/sysdig-secure/example.json new file mode 100644 index 0000000000..3d35219f44 --- /dev/null +++ b/static/files/c2c/sysdig-secure/example.json @@ -0,0 +1,19 @@ +{ + "api.version": "v1", + "source": { + "config": { + "name": "Sysdig", + "baseURL": "https://us2.app.sysdig.com", + "bearerToken": "wdwxxxxxqwedwedxxxxxqewdxxxxxxqwedxxxx", + "scope": [ + { + "fieldName": "Field", + "fieldValue": "Value" + } + ] +}, + "schemaRef": { + "type": "Sysdig" + }, + "sourceType": "Universal" +}} \ No newline at end of file diff --git a/static/files/c2c/sysdig-secure/example.tf b/static/files/c2c/sysdig-secure/example.tf new file mode 100644 index 0000000000..56cff6ba4e --- /dev/null +++ b/static/files/c2c/sysdig-secure/example.tf 
@@ -0,0 +1,21 @@ +resource "sumologic_cloud_to_cloud_source" "sysdig-secure-source" { + collector_id = sumologic_collector.collector.id + schema_ref = { + type = "Sysdig" + } + config = jsonencode({ + "name": "Sysdig", + "baseURL": "https://us2.app.sysdig.com", + "bearerToken": "wdwxxxxxqwedwedxxxxxqewdxxxxxxqwedxxxx", + "scope": [ + { + "fieldName": "Field", + "fieldValue": "Value" + } + ] + }) +} +resource "sumologic_collector" "collector" { + name = "my-collector" + description = "Just testing this" +} \ No newline at end of file From 148289410fec150645d3d85ede692ea3a8999f53 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:44:45 +0530 Subject: [PATCH 02/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 46d7455447..a97a596c62 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -42,7 +42,8 @@ The **Bearer Token** is the API security token used to authenticate with Sysdig Follow the steps below to retrieve the Sysdig API token: -1. Log in to **Sysdig Secure** and then select **Settings** from the user menu. +1. Sign in to **Sysdig Secure** platform . +1. Select **Settings** from the **User Menu**. 1. Click **User Profile** to view the **Sysdig Secure API** token in the UI. 1. Copy the token or click the **Reset Token** button to generate a new one. From 1ed7ca503d17140c4830dbbc3fc971a31d247d1e Mon Sep 17 00:00:00 2001 
From: Amee Lepcha Date: Tue, 4 Feb 2025 19:44:58 +0530 Subject: [PATCH 03/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index a97a596c62..584fa940a0 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -34,7 +34,7 @@ The Sysdig Secure Source supports API token-based authentication and requires yo #### Base URL -The **Base URL** is the Sysdig Secure domain URL that corresponds to the region in which the account is created. For example, `https:`. +The **Base URL** is the Sysdig Secure domain URL that corresponds to the region in which the account is created. For example, `https://api.us2.sysdig.com`. #### Bearer token From 0222a99c6984efd168e070278e47eca552abb680 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:45:31 +0530 Subject: [PATCH 04/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 584fa940a0..e1141c3005 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md 
+++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -38,7 +38,7 @@ The **Base URL** is the Sysdig Secure domain URL that corresponds to the region #### Bearer token -The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. +The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. Follow the steps below to retrieve the Sysdig API token: Follow the steps below to retrieve the Sysdig API token: From a97b9a8d22afa6fc718a651db0664d8e7af74df9 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:45:42 +0530 Subject: [PATCH 05/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/sysdig-secure-source.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index e1141c3005..5993128101 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -40,7 +40,6 @@ The **Base URL** is the Sysdig Secure domain URL that corresponds to the region The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. Follow the steps below to retrieve the Sysdig API token: -Follow the steps below to retrieve the Sysdig API token: 1. Sign in to **Sysdig Secure** platform . 1. Select **Settings** from the **User Menu**. From 9ec3664ca5fd856ba8d65ef00c75540534ea3210 Mon Sep 17 00:00:00 2001 
From: Amee Lepcha Date: Tue, 4 Feb 2025 19:45:56 +0530 Subject: [PATCH 06/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 5993128101..034b042890 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -43,7 +43,7 @@ The **Bearer Token** is the API security token used to authenticate with Sysdig 1. Sign in to **Sysdig Secure** platform . 1. Select **Settings** from the **User Menu**. -1. Click **User Profile** to view the **Sysdig Secure API** token in the UI. +1. Select **User Profile** to view the Sysdig Secure API token in the UI. 1. Copy the token or click the **Reset Token** button to generate a new one. :::info From 7020debd1692db9febe13bad9b8b312520d2d0eb Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:46:07 +0530 Subject: [PATCH 07/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 034b042890..3a370f147d 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md 
+++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -63,7 +63,7 @@ To configure a Sysdig Secure Source: 1. (Optional) **Fields**. Click the **+Add** button to define the fields you want to associate. Each field needs a name (key) and value. * ![green check circle.png](/img/reuse/green-check-circle.png) A green circle with a check mark is shown when the field exists in the Fields table schema. * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema is ignored, known as dropped. -1. **Base URL**. Enter the [Sysdig Secure platform](#base-url) Base URL. For example, `https://eu1.app.sysdig.com`. +1. **Base URL**. Enter the [Sysdig Secure platform](#base-url) Base URL. For example, `https://api.us2.sysdig.com`. 1. **Bearer Token**. Enter the Sysdig Secure API token collected from the [Sysdig Secure platform](#bearer-token). For example, `t3fPdsbxxxxxxxxxp4D6hbi4`. 1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). 1. When you are finished configuring the Source, click **Save**. From fd9b4d9050e077cd9a3192761fe0497294dbc7b6 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:46:28 +0530 Subject: [PATCH 08/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 3a370f147d..abc9ecd26e 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -64,7 +64,7 @@ To configure a Sysdig Secure Source: * ![green check circle.png](/img/reuse/green-check-circle.png) A green circle with a check mark is shown when the field exists in the Fields table schema. * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema is ignored, known as dropped. 1. **Base URL**. Enter the [Sysdig Secure platform](#base-url) Base URL. For example, `https://api.us2.sysdig.com`. -1. **Bearer Token**. Enter the Sysdig Secure API token collected from the [Sysdig Secure platform](#bearer-token). For example, `t3fPdsbxxxxxxxxxp4D6hbi4`. +1. **Bearer Token**. Enter the Sysdig Secure API token collected from the [Sysdig Secure](#bearer-token) platform. For example, `t3fPdsbxxxxxxxxxp4D6hbi4`. 1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). 1. When you are finished configuring the Source, click **Save**. From fa548e9966a743f487a63d47c78b93a806cf2fe3 Mon Sep 17 00:00:00 2001 
From: Amee Lepcha Date: Tue, 4 Feb 2025 19:46:47 +0530 Subject: [PATCH 09/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index abc9ecd26e..8ed871fd34 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -87,7 +87,7 @@ Sources can be configured using UTF-8 encoded JSON files with the Collector Ma | category | String | No | `null` | Type a category of the source. This value is assigned to the [metadata](/docs/search/get-started-with-search/search-basics/built-in-metadata) field `_sourceCategory`. See [best practices](/docs/send-data/best-practices) for details. | `"mySource/test"` | | fields | JSON Object | No | `null` | JSON map of key-value fields (metadata) to apply to the collector or source. Use the boolean field `_siemForward` to enable forwarding to SIEM.| `{"_siemForward": false, "fieldA": "valueA"}` | | baseURL | String | Yes | `null` | The Sysdig base URL of your region. | `https://api.us2.sysdig.com` | -| apiToken | String | Yes | `null` | The API Token of your Sysdig account. | `t3fPdsbxxxxxxxxxp4D6hbi4` | +| apiToken | String | Yes | `null` | The API token of your Sysdig account. | `t3fPdsbxxxxxxxxxp4D6hbi4` | | filters | Array | No | `null` | An array of key-value pairs to filter the data. For key-value pairs, the length is set to 256 characters and the API accepts a maximum length of 1024 characters for the filter. | | ### JSON example 
From 09f6665ad1a4bb59a66c451515b73700b6461a5c Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:47:05 +0530 Subject: [PATCH 10/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 8ed871fd34..29e214ee50 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -17,7 +17,7 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; icon -Sysdig Secure is a security platform that helps monitor and protect cloud-native environments, especially those using mordern containers and Kubernetes. It helps organizations detect, prevent, and respond to security threats while ensuring compliance in real-time. +Sysdig Secure is a comprehensive security platform that provides continuous security and compliance monitoring for cloud-native environments. This is designed specifically to address the security needs of modern containerised and Kubernetes infrastructures. Sysdig Secure enables organisations to detect, prevent, and respond to security threats and ensure compliance in real-time. ## Data collected From a645278bbe45d6651933e8590a3aec5e54cfe47a Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:47:30 +0530 Subject: [PATCH 11/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 29e214ee50..aed9ee5abe 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -5,7 +5,7 @@ sidebar_label: Sysdig Secure tags: - cloud-to-cloud - sysdig-secure -description: The Sysdig Secure Source aims to collect the complete scan results produced by the scanner from Sysdig API and send them to Sumologic. +description: The Sysdig Secure Source aims to collect the scan results from the scanner using Sysdig API and send them to Sumologic. --- import CodeBlock from '@theme/CodeBlock'; From 90431e31ef1dd81e7556b03000be7e585700d6e1 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:47:40 +0530 Subject: [PATCH 12/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md index aeda23f7cf..c0c9e8438c 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/index.md @@ -494,7 +494,7 @@ In this section, we'll introduce the following concepts:
icon

Sysdig Secure

-

Collect the complete scan results produced by the scanner from Sysdig API.

+

Collect the scan results from the scanner using the Sysdig API.

From f85611562bb93da89376d4838c20a4e1ec6c0771 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 19:47:50 +0530 Subject: [PATCH 13/23] Update blog-service/2025-02-17-collection.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- blog-service/2025-02-17-collection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog-service/2025-02-17-collection.md b/blog-service/2025-02-17-collection.md index 4bea3811de..887a4b5439 100644 --- a/blog-service/2025-02-17-collection.md +++ b/blog-service/2025-02-17-collection.md @@ -11,4 +11,4 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; icon -We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source helps you collect the complete scan results produced by the scanner from Sysdig API and send them to Sumologic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source). \ No newline at end of file +We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source aims to collect the scan results from the scanner using Sysdig API and send them to Sumologic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source). \ No newline at end of file From f080f7fe43d2b1b51e5a9adb55d8b12897579d1a Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Tue, 4 Feb 2025 20:03:19 +0530 Subject: [PATCH 14/23] Update sysdig-secure-source.md --- .../sysdig-secure-source.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index aed9ee5abe..b685279ad5 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md 
+++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -65,6 +65,7 @@ To configure a Sysdig Secure Source: * ![orange exclamation point.png](/img/reuse/orange-exclamation-point.png) An orange triangle with an exclamation point is shown when the field doesn't exist in the Fields table schema. In this case, an option to automatically add the nonexistent fields to the Fields table schema is provided. If a field is sent to Sumo Logic that does not exist in the Fields schema is ignored, known as dropped. 1. **Base URL**. Enter the [Sysdig Secure platform](#base-url) Base URL. For example, `https://api.us2.sysdig.com`. 1. **Bearer Token**. Enter the Sysdig Secure API token collected from the [Sysdig Secure](#bearer-token) platform. For example, `t3fPdsbxxxxxxxxxp4D6hbi4`. +1. (Optional) **Filters**. Click the **+Add** button to define the filters you want to associate. Each filter needs a **Field Name** (key) and **Field Value** (value). For key-value pairs, the length is set to 256 characters and the API accepts a maximum length of 1024 characters for the filter. 1. (Optional) **Processing Rules for Logs**. Configure any desired filters, such as allowlist, denylist, hash, or mask, as described in [Create a Processing Rule](/docs/send-data/collection/processing-rules/create-processing-rule). 1. When you are finished configuring the Source, click **Save**. @@ -106,4 +107,4 @@ Sources can be configured using UTF-8 encoded JSON files with the Collector Ma :::info Click [here](/docs/c2c/info) for more information about Cloud-to-Cloud sources. -::: \ No newline at end of file +::: From 82bbd6d5d17d866e9d13d69297b9acffd6715a67 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 6 Feb 2025 12:35:27 +0530 Subject: [PATCH 15/23] added API links --- .../sysdig-secure-source.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index b685279ad5..f69f5449e4 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -21,10 +21,10 @@ Sysdig Secure is a comprehensive security platform that provides continuous secu ## Data collected -| Polling Interval | Data | Description | -| :--- | :--- | :--- | -| 24 hours | Runtime Scan Result | Provides a list of runtime scan results discovered by the runtime scanner. | -| 5 minutes | Full Scan Result | Provides the full scan details of the provided scan result ID. | +| Polling Interval | Data | +| :--- | :--- | +| 24 hours | [Runtime Scan Result](https://us2.app.sysdig.com/apidocs/secure/#tag/Vulnerability-Management/operation/ScannerAPIServiceListRuntimeResults) | +| 5 minutes | [Full Scan Result](https://us2.app.sysdig.com/apidocs/secure/#tag/Vulnerability-Management/operation/GetSecureVulnerabilityV1ResultsResultId) | ## Setup From 43f1cfdc78876a2660dede3d667c5dc5fa1d2b19 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 6 Feb 2025 20:19:26 +0530 Subject: [PATCH 16/23] Update blog-service/2025-02-17-collection.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- blog-service/2025-02-17-collection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/blog-service/2025-02-17-collection.md b/blog-service/2025-02-17-collection.md index 887a4b5439..2e0181f099 100644 --- a/blog-service/2025-02-17-collection.md +++ b/blog-service/2025-02-17-collection.md 
@@ -11,4 +11,4 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; icon -We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source aims to collect the scan results from the scanner using Sysdig API and send them to Sumologic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source). \ No newline at end of file +We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source aims to collect the scan results from the scanner using Sysdig API and send them to Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source). \ No newline at end of file From edae18819014c1f6f2952f3ef2379847a48da05e Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 6 Feb 2025 20:19:36 +0530 Subject: [PATCH 17/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index f69f5449e4..0ee2fdef03 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md 
@@ -5,7 +5,7 @@ sidebar_label: Sysdig Secure tags: - cloud-to-cloud - sysdig-secure -description: The Sysdig Secure Source aims to collect the scan results from the scanner using Sysdig API and send them to Sumologic. +description: The Sysdig Secure Source aims to collect the scan results from the scanner using Sysdig API and send them to Sumo Logic. --- import CodeBlock from '@theme/CodeBlock'; From 905252e599784f248a34996ba307dec6de79cbc9 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 6 Feb 2025 20:55:44 +0530 Subject: [PATCH 18/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 0ee2fdef03..b5fda25787 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -43,7 +43,7 @@ The **Bearer Token** is the API security token used to authenticate with Sysdig 1. Sign in to **Sysdig Secure** platform . 1. Select **Settings** from the **User Menu**. -1. Select **User Profile** to view the Sysdig Secure API token in the UI. +1. In the **Settings** page, select **User Profile** to view the Sysdig Secure API token in the UI. 1. Copy the token or click the **Reset Token** button to generate a new one. :::info From c9ae370edffcc762a27e2650e24a96f3daf59c4a Mon Sep 17 00:00:00 2001 
From: Amee Lepcha Date: Thu, 6 Feb 2025 20:55:57 +0530 Subject: [PATCH 19/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index b5fda25787..5bfc7ca459 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -38,7 +38,7 @@ The **Base URL** is the Sysdig Secure domain URL that corresponds to the region #### Bearer token -The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. Follow the steps below to retrieve the Sysdig API token: +The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. Follow the steps below to collect your Sysdig API token: 1. Sign in to **Sysdig Secure** platform . From 04d5f8879972ecc1fd647fb8775d0952b3f28393 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 6 Feb 2025 20:56:11 +0530 Subject: [PATCH 20/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../cloud-to-cloud-integration-framework/sysdig-secure-source.md | 1 - 1 file changed, 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 5bfc7ca459..9e83f5cfe8 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md 
+++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -40,7 +40,6 @@ The **Base URL** is the Sysdig Secure domain URL that corresponds to the region The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. Follow the steps below to collect your Sysdig API token: - 1. Sign in to **Sysdig Secure** platform . 1. Select **Settings** from the **User Menu**. 1. In the **Settings** page, select **User Profile** to view the Sysdig Secure API token in the UI. From edc75626047689e2790512fbbfd8d59c2ba3d621 Mon Sep 17 00:00:00 2001 From: Amee Lepcha Date: Thu, 6 Feb 2025 20:56:23 +0530 Subject: [PATCH 21/23] Update docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md Co-authored-by: Jagadisha V <129049263+JV0812@users.noreply.github.com> --- .../sysdig-secure-source.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md index 9e83f5cfe8..06d457b6ac 100644 --- a/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md +++ b/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md @@ -40,7 +40,7 @@ The **Base URL** is the Sysdig Secure domain URL that corresponds to the region The **Bearer Token** is the API security token used to authenticate with Sysdig HTTP API. Follow the steps below to collect your Sysdig API token: -1. Sign in to **Sysdig Secure** platform . +1. Sign in to the **Sysdig Secure** platform. 1. Select **Settings** from the **User Menu**. 1. In the **Settings** page, select **User Profile** to view the Sysdig Secure API token in the UI. 1. Copy the token or click the **Reset Token** button to generate a new one. 
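Review bot: The token steps in this hunk send the reader to **User Profile**, so the token appears to be tied to the signed-in user, yet nothing states which role or permissions that account needs for the source to read scan results. Suggest adding the minimum required permission before step 1, and a sentence after the **Reset Token** step saying whether resetting invalidates the token currently in use, since that decides whether anything else using the token is affected.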
From 717c9eaefadcf0fc36fa6d118690beb8f1baf8ee Mon Sep 17 00:00:00 2001 From: Jagadisha V <129049263+JV0812@users.noreply.github.com> Date: Tue, 18 Feb 2025 12:36:09 +0530 Subject: [PATCH 22/23] Rename 2025-02-17-collection.md to 2025-02-18-collection.md --- .../{2025-02-17-collection.md => 2025-02-18-collection.md} | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) rename blog-service/{2025-02-17-collection.md => 2025-02-18-collection.md} (98%) diff --git a/blog-service/2025-02-17-collection.md b/blog-service/2025-02-18-collection.md similarity index 98% rename from blog-service/2025-02-17-collection.md rename to blog-service/2025-02-18-collection.md index 2e0181f099..b14ea73084 100644 --- a/blog-service/2025-02-17-collection.md +++ b/blog-service/2025-02-18-collection.md @@ -11,4 +11,4 @@ import useBaseUrl from '@docusaurus/useBaseUrl'; icon -We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source aims to collect the scan results from the scanner using Sysdig API and send them to Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source). \ No newline at end of file +We're excited to announce the release of our new cloud-to-cloud source for Sysdig Secure. This source aims to collect the scan results from the scanner using Sysdig API and send them to Sumo Logic for streamlined analysis. [Learn more](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source). From 0efae493e7f06cd9fa72436bd1c60c8b996f2419 Mon Sep 17 00:00:00 2001 From: Jagadisha V <129049263+JV0812@users.noreply.github.com> Date: Tue, 18 Feb 2025 12:37:48 +0530 Subject: [PATCH 23/23] Update docs/integrations/product-list/product-list-m-z.md --- docs/integrations/product-list/product-list-m-z.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/docs/integrations/product-list/product-list-m-z.md b/docs/integrations/product-list/product-list-m-z.md index 03a7cf9502..19450694ae 100644 --- a/docs/integrations/product-list/product-list-m-z.md +++ b/docs/integrations/product-list/product-list-m-z.md @@ -163,7 +163,7 @@ For descriptions of the different types of integrations Sumo Logic offers, see [ | Thumbnail icon | [Sumo Logic](https://www.sumologic.com/) | Apps:
- [Enterprise Audit - Cloud SIEM](/docs/integrations/sumo-apps/cse/)
- [Flex](/docs/integrations/sumo-apps/flex/)
- [Sumo Logic Audit App](/docs/integrations/sumo-apps/audit/)
- [Sumo Logic Data Volume App](/docs/integrations/sumo-apps/data-volume/)
- [Sumo Logic Enterprise Audit Apps](/docs/integrations/sumo-apps/enterprise-audit/) (multiple apps)
- [Sumo Logic Enterprise Search Audit App](/docs/integrations/sumo-apps/enterprise-search-audit/)
- [Sumo Logic Infrequent Data Tier App](/docs/integrations/sumo-apps/infrequent-data-tier/)
- [Sumo Logic Log Analysis QuickStart App](/docs/integrations/sumo-apps/log-analysis-quickstart/)
- [Sumo Logic Security Analytics App](/docs/integrations/sumo-apps/security-analytics/)
Automation integrations:
- [Automation Tools](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-automation-tools/)
- [Basic Tools](/docs/platform-services/automation-service/app-central/integrations/basic-tools/)
- [ESMTP](/docs/platform-services/automation-service/app-central/integrations/esmtp/)
- [HTTP Tools](/docs/platform-services/automation-service/app-central/integrations/http-tools/)
- [Incident Tools](/docs/platform-services/automation-service/app-central/integrations/incident-tools/)
- [IMAP](/docs/platform-services/automation-service/app-central/integrations/imap/)
- [Mail Tools](/docs/platform-services/automation-service/app-central/integrations/mail-tools/)
- [POP3](/docs/platform-services/automation-service/app-central/integrations/pop3/)
- [SMTP V3](/docs/platform-services/automation-service/app-central/integrations/smtp-v3/)
- [Sumo Logic Cloud SIEM](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem/)
- [Sumo Logic Cloud SIEM Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-cloud-siem-internal/)
- [Sumo Logic Log Analytics](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics/)
- [Sumo Logic Log Analytics Internal](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-log-analytics-internal/)
- [Sumo Logic Notifications](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications/)
- [Sumo Logic Notifications by Gmail](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-gmail/)
- [Sumo Logic Notifications by Microsoft](/docs/platform-services/automation-service/app-central/integrations/sumo-logic-notifications-by-microsoft)
- [Triage Tools](/docs/platform-services/automation-service/app-central/integrations/triage-tools/)
- [ZIP Tools](/docs/platform-services/automation-service/app-central/integrations/zip-tools/)
Cloud SIEM integration: [Sumo Logic](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/34A5019C-7BEC-4BF8-A3B7-C38D567126C6.md)
Collector: [Universal Connector](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/universal-connector-source)
Community app: [Cloud Security Posture Management (CSPM) for Sumo Logic](https://github.com/SumoLogic/sumologic-content/tree/master/CSPM) | | Thumbnail icon | [Superwise](https://superwise.ai/) | Webhook: [Superwise](/docs/integrations/webhooks/superwise/) | | Thumbnail icon | [Symantec](https://sep.securitycloud.symantec.com/v2/landing) | App:
- [Symantec Endpoint Security Service](/docs/integrations/saas-cloud/symantec-endpoint-security-service/)
- [Symantec Web Security Service](/docs/integrations/saas-cloud/symantec-web-security-service/)
Automation integrations:
- [Javelin AD Protect](/docs/platform-services/automation-service/app-central/integrations/javelin-ad-protect/)
- [Symantec DeepSight](/docs/platform-services/automation-service/app-central/integrations/symantec-deepsight/)
- [Symantec EDR](/docs/platform-services/automation-service/app-central/integrations/symantec-edr/)
- [Symantec Endpoint Protection](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection/)
- [Symantec Endpoint Protection Cloud](/docs/platform-services/automation-service/app-central/integrations/symantec-endpoint-protection-cloud/)
- [Symantec Secure Web Gateway (Bluecoat)](/docs/platform-services/automation-service/app-central/integrations/symantec-secure-web-gateway-bluecoat/)
- [Symantec WebPulse](/docs/platform-services/automation-service/app-central/integrations/symantec-webpulse/)
Collectors:
- [Symantec Endpoint Security Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source/)
- [Symantec Web Security Service Source](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-web-security-service-source/)
- [Symantec Proxy Secure Gateway - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/symantec-proxy-secure-gateway/)
- [Symantec Proxy Secure Gateway (Blue Coat Proxy) - Cloud SIEM](/docs/cse/ingestion/ingestion-sources-for-cloud-siem/symantec-proxy-secure-gateway-blue-coat-proxy/)
Cloud SIEM integration: [Symantec](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/64c7f49c-f95a-4f4a-8540-56ec5fb1d96b.md)
Community app: [Sumo Logic for Symantec WSS](https://github.com/SumoLogic/sumologic-content/tree/master/Symantec/WSS) | -| Thumbnail icon | [Sysdig](https://sysdig.com/) | Collector: [Sysdig Secure](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md)
Cloud SIEM integration: [Sysdig](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c4de0854-e718-45e1-a4c8-63623755aa43.md) | +| Thumbnail icon | [Sysdig](https://sysdig.com/) | Cloud SIEM integration: [Sysdig](https://github.com/SumoLogic/cloud-siem-content-catalog/blob/master/vendors/c4de0854-e718-45e1-a4c8-63623755aa43.md)
Collector: [Sysdig Secure](/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md) | | Thumbnail icon | [syslog-ng](https://www.syslog-ng.com/) | Automation integration: [Syslog-NG](/docs/platform-services/automation-service/app-central/integrations/syslog-ng/)
Collector: [syslog-ng](/docs/send-data/hosted-collectors/cloud-syslog-source/syslog-ng/) | ## T
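Review bot: In PATCH 10/23, the replacement intro paragraph in sysdig-secure-source.md switches to British spelling (`containerised`, `organisations`) where the line it replaces used `organizations`, and the second sentence, "This is designed specifically", has no clear antecedent. Suggest `containerized` and `organizations`, and opening the second sentence with "It is designed specifically" or folding it into the first sentence.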
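Review bot: In PATCH 14/23, the new **Filters** step says "the length is set to 256 characters" without saying whether that limit applies to the key, the value, or the pair together, and it is not clear how it relates to the 1024-character maximum for the filter. Suggest stating each limit separately and saying what happens when a filter exceeds it (rejected on save, or truncated). The same sentence appears in the `filters` row of the JSON parameter table, so both places should be updated together.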
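Review bot: In PATCH 15/23, the Data collected table drops the Description column and replaces it with links hard-coded to `us2.app.sysdig.com`, while the setup section says the Base URL corresponds to the reader's region. Suggest keeping a one-line description per row so the table still explains what each poll returns if the API reference moves, and noting next to the links that they point at the us2 API docs.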
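Review bot: In PATCH 23/23, the reordered Sysdig row still links the collector as `/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/sysdig-secure-source.md`, with a `.md` suffix, while the neighboring rows link docs pages without an extension (for example `/docs/send-data/hosted-collectors/cloud-to-cloud-integration-framework/symantec-endpoint-security-source/`). Suggest dropping the `.md` so the link follows the same form as the rest of the table.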