Cyderes supports the ingestion of Bitdefender GravityZone JSON events via the Event Push API. Event notifications are received by a generic webhook collector.
Full product documentation can be found here and details of the Event Push API begin in section 2.9.
Chronicle Data Types
Determine the types of events that must be configured for collection using the following table (taken from the documentation link above). All event types can be collected using the identifier all.
Configuration steps are very similar to these instructions provided for Bitdefender's Splunk integration.
1. enable the Event Push API
2. generate an API key

After enabling the Event Push API in step #1 above, provide Cyderes with the created API key. This must be provided to activate the integration (step 3, enable the integration; see setPushEventSettings in section 2.9.1).