Login
    Contents x
    Cisco Umbrella
    • 17 Mar 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    Contents

    Cisco Umbrella

    • Updated on 17 Mar 2025
    • 1 Minute to read
    • Print
    • Dark
      Light
    Article summary

    Cisco Umbrella is a cloud-delivered security solution that provides secure internet access and threat protection. With DNS-layer security, web filtering, firewall capabilities, and cloud access security broker (CASB) functionalities, Umbrella helps organizations protect users across any device, location, or network. For detailed information refer to the Cisco Umbrella’s official documentation.

    Integration Method: API

    Tables: Network Activity (4001), DNS Activity (4003)

    This integration supports the following events.

    Event

    Description

    DNS Activities

    List of DNS Activities

    Proxy Activities

    List of Proxy Activities

    This integration supports the following version.

    Cisco Umbrella API version

    v1

    Note:

    Cisco Umbrella is a continuously updated cloud service. You can find the latest release for Umbrella software from Release Notes.

    Prerequisites

    • The user should have access to the Cisco Umbrella instance.

    • The user should have a client ID and client secret for authentication.

    • The user should have access to the DataBee console.

    Configuration overview

    1. Get the API Key and Key Secret for Cisco Umbrella.

    2. Add the Cisco Umbrella data feed in the DataBee console with the below parameters.

      DataBee Parameter

      Cisco Umbrella Parameter

      Client Key

      API Key

      Client Secret

      Key Secret

    Cisco Umbrella Configuration

    1. Login to the Cisco Umbrella dashboard.
       

    2. Navigate to Admin page and click API Keys.

    3. Click on Add Button to create new API Key.
       

    4. Provide details for new API key:

      1. Enter ‘API Key Name’.

      2. Select the Reports as Key Scope with Read-Only ‘Scope’.

      3. Set the ‘Expiry Date’.

    5. Click on CREATE KEY. It will create new API Key.
       

    6. Copy the API Key and Key Secret. These will be used when we create feed in DataBee. Click ACCEPT AND CLOSE.

      A screenshot of a computer  AI-generated content may be incorrect.

    DataBee Configuration

    1. Login to the DataBee UI, navigate to Data > Data Feeds and click the Add New Data Feed button.

      A screenshot of a computer  AI-generated content may be incorrect.

    2. Search for Cisco Umbrella and click it as shown below.

    3. Click on the API Ingest option for collection method.

      A screenshot of a computer  AI-generated content may be incorrect.

    4. Enter feed contact information and click Next.

      A screenshot of a computer  AI-generated content may be incorrect.

    5. In the configuration page, confirm the following:

      • API Base URL: this is the base URL that DataBee will interact with.

      • Authorization Method: OAuth2

      • Client Key: paste the API Key.

      • Client Secret: paste the Key Secret.

      • Token URL: this is the token URL for Authentication.

      • Event Types: preselected for all the event types that integration pulls.

    6. Click Submit.

    Troubleshooting Tips

    • If you are facing unauthorized (401) error, this might be possibly due to incorrect credentials. Please refer to the credentials to get client Key and client Secret.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Eddy AI, facilitating knowledge discovery through conversational intelligence