This article specifies the scope of the services delivered to the end customer through solution provider.
1. Before You Begin
A. Create a Webhook feed for Auth0:
1. From the Google Security Operations menu, select Settings, and then click FEEDS.
2. Click Add NEW.
3. In the Feed name field, enter a name for the feed.
4. In the Source type list, select Webhook.
5. Select the Log type as Auth0
6. Click Next.
7. Review your new feed configuration in the Finalize screen, and then click Submit.
8. Click Generate Secret Key to generate a secret key to authenticate this feed.
9. Copy and store the Secret Key as you cannot view this secret again.
Note: You can generate a new secret key again, but regeneration of the secret key makes the previous secret key obsolete.
10. Click Done.
11. In the Feed, click the three dots and select "View feed." On the Details tab, copy the feed endpoint URL from the Endpoint Information field. You'll need to use this endpoint URL in your client application.
12. Click Done.
B. Create an API key for the Webhook feed
1. Go to the Google Cloud Platform Console
2. Select APIs & Services > Credentials.
3. On the Credentials page, click Create credentials > API key.
4. The API key created dialog displays your newly created API key. Click on RESTRICT KEY before using it in production.
Note: The new API key is listed on the Credentials page under API keys. On the following page, you can rename, copy, regenerate, delete & restrict the created API key.
5. Once the key is generated, you need to enable APIs & services
6. For this, click on Dashboard > ENABLE APIS AND SERVICES
7. On the redirected page, search & select the service for which you want to enable the API
8. click on ENABLE.
2. Configuration of Custom Webhook in Auth0
1. Go to Dashboard > Monitoring > Streams and click Create Stream.
2. Select Custom Webhook and enter a unique name for your New Stream.
3. Now fill the details in the Settings:
Payload URL: Add the Feed Webhook URL created at the along with Secret key & API Key
Example:
Note: ‘key’ is the API Key & ‘secret’ is the Feed Key
Authorization Token: (Optional) The value in the Authorization header of the request.
Content Type: application/json
Content Format: JSON Lines
Filter by Event Category: Drop Down and Select ALL.
4. Click Save.
Check status in Chronicle:
- Repeat the process for each type which needs to be onboarded to chronicle.
- Once the configuration is completed, need to validate the logs in chronicle using a regular expression as (".*") this expression or with specific hostname, will provide the log source types which are ingesting to chronicle, below is the screen shot for reference.
Comments
0 comments
Please sign in to leave a comment.