Skip to content

Akamai Security Events

Cyderes supports the ingestion of security events from the Akamai platform. Security event ingestion is supported for the following Akamai products:

  • App & API Protector
  • Kona Site Defender
  • Client Reputation
  • Web Application Protector
  • Bot Manager

Chronicle Data Types

  • AKAMAI_WAF

Requirements

In order for Cyderes to begin ingesting security events from the Akamai platform, the SIEM integration will need to be enabled for each security configuration, and an API Client with READ-WRITE access to the SIEM API needs to be configured for Cyderes to use.

Note

Cyderes needs the configuration IDs for each security configuration the SIEM integration is enabled for. Please consult with your Akamai representative to get the required configuration IDs.

Configuration

  1. Turn on the SIEM Integration for each Security Configuration

    Follow the instructions for "Step 1: Turn on SIEM Integration" in the SIEM integration instructions from Akamai for each security configuration Cyderes should ingest security events from.

  2. Create an API Client

    Follow the instructions for "Creating an API client with custom permissions" from Akamai to create API credentials for Cyderes to use when calling the SIEM API.

    • In the step for selecting client options, choose Select APIs and select the SIEM API. The access level must be set to READ-WRITE.

Gather Information

Please send the following to Cyderes when setup is completed:

  • API Host
  • Access Token
  • Client Token
  • Client Secret
  • Security Configuration IDs (See the note in the requirements section for information about gathering these IDs)