It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda XDR

Integrating Cisco Secure Endpoint

  • Last updated on

Barracuda XDR can monitor your Cisco Secure Endpoint data by using the Cisco Secure Endpoint API. To integrate the monitoring of your environment, please follow the below configuration procedure. For information on the API please see the reference guide: https://ciscosecurity-amp-00-integration-workflows.readthedocs-hosted.com/en/latest/amp/intro.html#integration-requirements 

To Integrate Cisco Secure Endpoint

  1. Log in to the Cisco Security portal as an administrator. 
  2. Click Accounts API Credentials
  3. In the API Credentials pane, click New API Credential
  4. In Application name, type SKOUT SIEM, then select Read & Write.

    You must have read & write access to manage event streams on your Cisco AMP for Endpoints platform. 


  5. Click Create
  6. From the API Key Details section, copy the values for the 3rd Party API Client ID and the API Key.

    • Do not close the tab without retrieving these values; the API key is not retrievable once the tab is closed. 


  7. Test your credentials to make API calls by inputting it into the dashboard and clicking Test.

Enable the Broadcom Endpoint Security Collector

  1. In Barracuda XDR Dashboard, navigate to Administration >  Integrations.

  2. On the Cisco Secure Endpoint card, click Setup.
    CiscoSecureEndpointCard.png

  3. Do the following:
    • Select Enabled.
    • Type the Client ID.
    • Paste the API Key.
      CiscoSecureEndpointEdit.png
  4. Click Test.
  5. When the test passes, click Save