Sophos Central Alerts
- 23 Nov 2024
- 1 Minute to read
- Contributors
- Print
- DarkLight
Sophos Central Alerts
- Updated on 23 Nov 2024
- 1 Minute to read
- Contributors
- Print
- DarkLight
Article summary
Did you find this summary helpful?
Thank you for your feedback
Sophos Email Protect is a cloud-based email security solution designed to protect against malware, phishing, and spam. Alerts and events are centralized through Sophos Central Alerts. It offers advanced threat protection by scanning inbound and outbound emails, blocking malicious links and attachments, and providing anti-spoofing features.
Integration Method: API
Tables: Alert
This integration has been tested against the Sophos email Protection version 2024.39
Sophos Central Alerts Configuration
To use the integration, you will need to get a client credentials.
Login to the Sophos central console
Click on General settings button
Click on API Credentials Management
Click on Add Credentials button
Add Credential name and description. Select Service principle ReadOnly in role.
Click on add button
Copy client ID and Client secret
DataBee Configuration
Log into the DataBee console, navigate to Data>Datasources and click on Add New Data Source.
Search for Sophos central Alerts and click it
Select API Ingest
Enter contact information
In the configuration page, enter the following:
Authorization Method: OAuth2
Client Key: Paste the client id generated earlier
Client Secret: Paste the client secret generated earlier
Click Submit
Was this article helpful?