E.g.: In this documentation for Agari Phishing Defense: https://docs.cyderes.cloud/integrations/agari-phishing-defense/?h=agari#chronicle-data-types it's mentioned "Please send the following to Cyderes via a secure channel when setup is completed:". Could you please provide a clarification on this as well?
Thank you in advance.
@jstoner, @dnehoda, @Rene_Figueroa, @cmmartin_google
Hi @Aravind3, the configuration is specific to Cyderes, one of the SecOps partners. I do not have many details about Cyderes' method of sending their data, but most likely they use the SecOps SIEM Ingestion API.
In theory, you may use our Ingestion API to send any log source as long as you know the corresponding Log Type, but the implementation must be done on the customer side. Some of our customers use GCP Cloud Functions to send the data with our Ingestion API, but you may have any implementation of your choice. You can find all the available log types in our documentation:
https://cloud.google.com/chronicle/docs/ingestion/parser-list/supported-default-parsers
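As an added example (not part of the original post, and not Cyderes or Google code), here is one way a customer-side sender such as a Cloud Function could package raw log lines for the Ingestion API. It assumes the request body shape of the public `unstructuredlogentries:batchCreate` method (`customer_id`, `log_type`, `entries[].log_text`) and a per-request size budget; the customer ID and log type shown are placeholders, and the sample events are constructed.

```python
import json

# Assumption: per-request size budget in bytes. Confirm the limit in the
# current Ingestion API documentation before relying on this value.
MAX_BODY_BYTES = 1_000_000

# Placeholders, not real values: take the customer ID from your SecOps
# instance and the log type from the supported-default-parsers list.
CUSTOMER_ID = "00000000-0000-0000-0000-000000000000"
LOG_TYPE = "EXAMPLE_LOG_TYPE"

# Constructed sample events standing in for lines pulled from a source API.
SAMPLE_EVENTS = [
    json.dumps({"id": i, "subject": "Invoice overdue", "policy_action": "move"})
    for i in range(5)
]


def build_batches(customer_id, log_type, raw_logs, max_bytes=MAX_BODY_BYTES):
    """Split raw log lines into JSON request bodies that each fit in max_bytes.

    Returns (bodies, skipped). bodies is a list of JSON strings in input
    order; skipped holds any single line too large to send on its own, so
    the caller can alert on it instead of silently losing telemetry.
    """
    def encode(entries):
        return json.dumps(
            {"customer_id": customer_id, "log_type": log_type, "entries": entries}
        )

    def size(entries):
        return len(encode(entries).encode("utf-8"))

    bodies, skipped, current = [], [], []
    for line in raw_logs:
        entry = {"log_text": line}
        if size([entry]) > max_bytes:
            skipped.append(line)          # cannot fit even in an empty batch
            continue
        if size(current + [entry]) > max_bytes:
            bodies.append(encode(current))  # flush the full batch
            current = []
        current.append(entry)
    if current:
        bodies.append(encode(current))
    return bodies, skipped


if __name__ == "__main__":
    bodies, skipped = build_batches(CUSTOMER_ID, LOG_TYPE, SAMPLE_EVENTS)
    print(len(bodies), "request bodies,", len(skipped), "skipped")
```

Each returned body would then be sent as an authenticated POST by whatever runtime hosts the sender; authentication and retry handling are outside this sketch.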
Thanks a bunch @Rene_Figueroa
Hello @Rene_Figueroa, is there a native method to take logs from the Agari Phishing Defense source and push them to Chronicle?
Hi @Aravind3, not at the moment.
Hi @Rene_Figueroa,
What about FireEye ETP? Do we have a native integration method other than a syslog integration for this source?
Hi @Aravind3, just saw this now. We do not have an integration with FireEye ETP. All of our 3rd-party API integrations can be found in the documentation below:
https://cloud.google.com/chronicle/docs/reference/feed-management-api