Skip to content

Akamai - Enterprise Threat Protection

Cyderes supports the ingestion of Enterprise Threat Protection reports from the Akamai platform. For more information regarding Akamai ETP, please visit their website.

Chronicle Data Types

  • AKAMAI_ETP

Requirements

  1. Ensure ETP Reporting is within your contract. You can find this in the list of products of your account in the Akamai Control Center

Note

Contact your Akamai representative about enabling ETP reporting if necessary.

Note

Cyderes needs the configuration ID for the ETP configuration the SIEM integration is enabled for. Please consult with your Akamai representative to get the required configuration ID.

Configuration

  1. Create the authentication credentials
  2. Enable the API

    • Choose the API service name for ETP Report and select access level to READ-WRITE. If unsure how to do this, refer to this video.

Gather Information

Provide the following information to Cyderes in order to complete implementation:

  1. Credentials and configuration info to access Akamai's ETP v3 API

    • API Host
    • Access Token
    • Client Token
    • Client Secret
    • Config ID
  2. Identify which reports you will be ingesting into Chronicle

    • Threat Events Report
    • AUP Event Report
    • DNS Activity Report
    • Security Connector Event Report
    • Network Traffic Connections Report
    • Proxy Traffic Transactions Report

For more information regarding the Akamai ETP API and the aforementioned report types, please reference their documentation.