Orca¶
Cyderes supports the ingestion of alert logs from the Orca Security API. Orca Security is a cloud security platform that provides instant-on, workload-level security for AWS, Azure, and GCP without the gaps in coverage, alert fatigue, and operational costs of agents. The Orca Security API provides access to alert logs, which are logs that contain information about security concerns in cloud environments.
Chronicle Data Types¶
- ORCA
Requirements¶
The Orca integration requires an API Token in order to query alert logs.
API Token¶
- Sign in to Orca as an administrator with the same rights that are needed to perform the API's actions. The API key inherits its user role and permissions from the signed-in admin.
- In the Orca dashboard, go to Settings > Modules.
- Select the Integrations tab.
- Click Generate Key.
- Copy and save the key.
Gather Information¶
Please send the following to Cyderes when setup is completed:
- Orca API Token