What are the most appropriate use cases for using the Ingestion API for log ingestion? I have a few SaaS applications (e.g. Trellix Email Security) that I am looking to onboard via the Ingestion API, with working test code.
Ingestion API Use Case
+3
+6The ingest API is mainly used to ingest logs into Chronicle when we may not have a native integration to the products. Please take a look at these cloud functions as samples to create your own cloud function using the Chronicle ingest API. I am assuming Trellix Email Security has an API you can call to pull the logs.
https://github.com/chronicle/ingestion-scripts
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.