Configure the Sophos Collector in Axon
The next step after successfully Configuring Sophos is to add the collector type to Axon.
Add a Sophos Collector
Only Administrators can take this action.
In the lower-left corner of the main screen, click the Administration cog.
The Administration menu appears on the left side.Under Integrations, click Collectors.
The Collectors page appears.In the upper-right corner, click + Add Collector.
The Add Collector Wizard appears.Select Sophos from the list of collector types.
A list of Log Source Types associated with the Sophos collector appears on the right.Click Configure.
Enter the following information on the configuration page.
Fields marked with an asterisk (*) are required.
Option | Description |
---|---|
Collector Name * | Enter a unique name for this collector. |
Description | Enter an optional detailed description for this collector. |
Collection Schedule * | Enter a value and select a time interval (Minutes, Hours, Days) from the drop-list to determine how often the collector sends new requests. |
Collection Time Out * | Enter the period after which collection will time out while stalled. The default of five minutes means that after five minutes of failing to collect, the collection will time out. |
Sophos Endpoints * | Open the drop-list and select the Sophos endpoint(s) from which data collection is required. |
API Host * | Open the drop-list and select the API Host URL for your Sophos instance. For more information on your API Host region, refer to Global vs. Regional APIs. |
Client Tenant ID * | Enter the Tenant ID obtained during the steps outlined in Configure Sophos. |
Client ID * | Enter Client ID value obtained during the steps outlined in Configure Sophos. |
Client Secret * | Enter the Client Secret value obtained during the steps outlined in Configure Sophos. |
Click Connect to test the collector's connection.
If the connection is successful, the Sophos collector is added to the list of collectors in Axon.