I’m attempting to leverage the REST collector to collect logs from Duo. The REST API requires authentication to be in the form of an HMAC-SHA1 signature in hex ASCII format. Instructions can be found here: Duo Admin API | Duo Security.
At the very least, I’m curious if this is possible, and if so, how would one go about setting this up? Thanks!
This workflow is not currently supported by the REST integration. A scripted collector would be the only workaround Im aware of.
What would be the process of submitting a feature request for something like this? Were looking to leverage Cribl not only for ETL and routing, but to be the central place from which we gather events from SaaS platforms that make their events available through an API endpoint. Thanks!
@josh.hart , we added support for HMAC authentication for the REST collector in Cribl Stream 4.8.0. I've added a template to help with setting up this collector at
https://github.com/criblio/collector-templates/tree/main/collectors/rest/duo
Feel free to reach out with any questions!
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.