Akamai Enterprise Threat Protector Reporting
App Vendor: Akamai
App Category: Data Enrichment & Threat Intelligence
Connector Version: 1.0.2
API Version: 1.0.0
About App
The Akamai Enterprise Threat Protector Reporting app allows security teams to integrate with the enterprise application to provide the ability to access and analyze reports for security events, acceptable user policy events, and DNS activity totals.
The Akamai Enterprise Threat Protector (ETP) Reporting app is configured with the Orchestrate application to perform the following actions:
Action Name | Description |
|---|---|
Get AUP event details | This action retrieves the raw Acceptable Use Policy (AUP) events of an ETP configuration for a given time period. |
Get IOC change information | This action retrieves a list of historical change information for a given record. |
Get IOC domain tree | This action retrieves a list of blacklisted domains matching a given record. |
Get IOC information | This action retrieves the latest snapshot information for a given domain or IP address. |
List threat details | This action retrieves a list of raw events for an ETP configuration for a given time period. |
Configuration Parameters
The following configuration parameters are required for the Akamai Enterprise Threat Protector Reporting app to communicate with the Akamai Enterprise Threat Protector Reporting enterprise application. The parameters can be configured by creating instances in the connector app.
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Base URL | Enter the base URL. Example: "https://akzz-xxxxxxxxxx-xxxxx.luna.domain.net" | Text | Required | |
Client token | Enter the client token. | Password | Required | |
Client secret | Enter the client secret. | Password | Required | |
Access token | Enter the access token. | Password | Required |
Action: Get AUP event details
This action retrieves the raw Acceptable Use Policy (AUP) events of an ETP configuration for a given time period.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Config ID | Enter the config ID. Example: 100 | Text | Required | |
Start Time | Enter the start time in epoch format. Example: 1333631700 | Text | Required |
Action: Get IOC Change Information
This action retrieves a list of historical change information for a given record.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Record Name | Enter the record name. Example: "test.domain.com" | Text | Required | |
Start Time | Enter the start time in epoch format. Example: 1333631700 | Text | Required |
Action: Get IOC Domain Tree
This action retrieves a list of blacklisted domains matching a given record.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Record Name | Enter the record name. Example: "test.domain.com" | Text | Required |
Action: Get IOC information
This action retrieves the latest snapshot information for a given domain or IP address.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Record Name | Enter the record name. Example: "test.domain.com" | Text | Required |
Action: List Threat Details
This action retrieves a list of raw events for an ETP configuration for a given time period.
Action Input Parameters
Parameter | Description | Field Type | Required/Optional | Comments |
|---|---|---|---|---|
Config ID | Enter the config ID. Example: 100 | Text | Required | |
Start Time | Enter the start time in epoch format. Example: 1333631700 | Text | Required |