EV Observe - Monitor Sophos

Last modified on 2023/03/16 18:04

Sophos offers a comprehensive range of cybersecurity solutions, from endpoint to network. Sophos Central is used to manage security and operations from a centralized platform.

  • A set of host templates dedicated to the monitoring of Sophos enables you to deploy services quickly.
        Open url.png See the Catalog for Sophos
  • To use services based on Sophos, you must first create a dedicated monitoring user authorized to use the Sophos API. You must then add the credential for the Sophos API in EV Observe.

Notes

  • You need to create and configure the user dedicated to monitoring Sophos once only. This is required prior to the use of any Sophos service template.

Procedure: How to configure and monitor Sophos

Step 1: Create a user dedicated to monitoring Sophos on the Sophos Central platform

1. Log in to the Sophos Central platform using a Super Admin account.

2. Select Global Settings in the menu pane and click API Credentials Management.

          Sophos Central - API credentials link.png

3. Click Add Credential.

          Sophos Central - Add Credential button.png

4. Enter the credential name and description and click Add.

          Sophos Central - Add Credential information.png

Sophos Central will generate the credential together with a Client ID and a Client Secret.

5. Copy the Client ID and the Client Secret and paste them in your text editor in order to store them temporarily. They will be required when defining the configuration in EV Observe in step 2.

Note: Click Show Client Secret to display the Client Secret.

Caution: You must copy the Client Secret immediately because you will no longer be able to see it once you leave the page.

          Sophos Central - Client ID and Client Secret.png
 

Step 2: Configure EV Observe

1. Go to the Web app.

2. Create a new host corresponding to the virtual host.

  • Select Configure > Hosts > List in the menu.
  • Click + Add in the Mode: Box tab. 

          Sophos cloud - General information tab.png

  • Associate the new host with one of the services based on the Sophos templates.
        Open url.png See the Catalog for Sophos
  • Click Apply.

3. Configure the HTTP monitoring account for the new host.

  • Specify the information below.
    • User: Copy and paste the Client ID you stored in your text editor when creating the dedicated user on the Sophos Central platform in step 1.
    • Password: Copy and paste the Client Secret you stored in your text editor in step 1.

          Sophos cloud - Account tab.png

  • Click Apply.
Tags:
Powered by XWiki © EasyVista 2022