This page details the items needed from the Sophos Central portal that will allow Axon Sophos collectors to identify log sources.
See the API Credentials Management topic, as well as the other topics linked on this page, for information on obtaining Sophos Central API credentials.
The following is needed to configure API keys within the Sophos Central portal:
Sophos Central “Super Admin” access.
The following items must be obtained in order to configure a Sophos collector in Axon.
List of Sophos Endpoints from which data collection is required.
Your Sophos API Host region. Refer to Global vs. Regional APIs for more information.
Tenant ID, Client ID, and Client Secret obtained from the Sophos Central portal.
Obtain the Tenant ID
The tenant ID is assigned to your account by Sophos. For information on obtaining the tenant ID for your Sophos instance, refer to the Getting Started as a Tenant topic in the Sophos developer documentation.
Obtain the Client ID and Client Secret
The Client ID and Client Secret are obtained by creating a set of API credentials within the Sophos Central portal. For information on obtaining the client ID and client secret from within the Sophos Central portal, refer to the Third-Party Access via APIs topic in the Sophos developer documentation.
A set of credentials is created when checking the Tenant ID in the section above. A different set of credentials must be used to configure the Sophos collector in Axon.