Cequence Unified API Protection (UAP) Data Export Integrations provides the means to send detection, mitigation, and API risk event information to external Syslog, Amazon S3 object stores, and external SIEM services via authenticated HTTP connection. HTTP Data Export is sent over HTTPS to Splunk using the Authentication Token created in Splunk for secure access.
UAP Event Configuration
Three types of events may be generated. Information for each event type is configurable and may optionally be transformed during export to protect sensitive data or reduce data size. Data exported from the Cequence UAP Platform using Data Export HTTP configuration are exported in JSON format. Splunk automatically parses this format allowing you to create Dashboards immediately upon ingestion.
Dashboards
You can now create Dashboards in Splunk for observability and triage actions. For more information on creating dashboards, please reference the Create dashboards and panels documentation by Splunk.
For complete integration steps, log in to view the following article.
Splunk Integration Steps Using HTTP
Additional setup and configuration information is available through the Cequence Success Team.