sevco.io

Elastic Endpoint Security (aka Endgame)

About

Elastic Security for endpoint prevents ransomware and malware, detects advanced threats, and arms responders with vital investigative context

Why You Should Integrate

Integrating with Elastic Endpoint Security will provide visibility into devices with the agent installed to identify your endpoint coverage and state.

How Does the Integration Work

This integration pulls endpoints from Elastic Endpoint Security (aka Endgame).

This data is only used internally; we do not share it with any parties outside of Sevco. Refer to our privacy policy for details.

Configuration

  1. Configure plugin: Configure Elastic Endgame
FieldDescriptionExample
URL*The URL used to access the sourcehttps://api.product.com
Skip TLS Certification ValidationSkip certificates validation when using a certificate that is self-signed or unable to be validated through a proper certificate authority.
Username*The API key used to identify the authorization and permissionsjanedoe
Password*The API secret used to authenticate with the source***********************
Group IDsFetch devices associate with only the specified Group IDs. Comma separated
  1. Configure Name: OPTIONAL: You can give the configuration a name to provide an identifiable attribute of the configuration to delineate other similar configurations.

  2. Activate Config: To enable this configuration and begin pulling data select "Activate". If you wish to save the configuration to come back later to finish, select "Save Draft". This will save the configuration, but keep it disabled until Activated.

Source Documentation

Creating credentials

You'll be asked to provide source credentials that Sevco will use to connect to Elastic Endgame. Please reference Elastic Endgame documentation for instructions on creating a user.

Required Permissions

Sevco requires read only (GET) access to view Elastic Endgame endpoint objects.

API Documentation

Not available.

Contact Us

If you're having problems integrating a source, or if you've found something wrong in this document, please email us at [email protected].

Tags: cloud, endpoint security