Barracuda XDR can monitor your Cisco Secure Endpoint data by using the Cisco Secure Endpoint API. To integrate the monitoring of your environment, please follow the below configuration procedure. For information on the API please see the reference guide: https://ciscosecurity-amp-00-integration-workflows.readthedocs-hosted.com/en/latest/amp/intro.html#integration-requirements
To Integrate Cisco Secure Endpoint
- Log in to the Cisco Security portal as an administrator.
- Click Accounts > API Credentials.
- In the API Credentials pane, click New API Credential.
In Application name, type
SKOUT SIEM
, then select Read & Write.- Click Create.
From the API Key Details section, copy the values for the 3rd Party API Client ID and the API Key.
- Test your credentials to make API calls by inputting it into the dashboard and clicking Test.
Enable the Broadcom Endpoint Security Collector
In Barracuda XDR Dashboard, navigate to Administration > Integrations.
On the Cisco Secure Endpoint card, click Setup.
- Do the following:
- Select Enabled.
- Type the Client ID.
- Paste the API Key.
- Click Test.
- When the test passes, click Save