EV Observe - Monitor Sophos
Sophos offers a comprehensive range of cybersecurity solutions, from endpoint to network. Sophos Central is used to manage security and operations from a centralized platform.
- A set of host templates dedicated to the monitoring of Sophos enables you to deploy services quickly.
See the Catalog for Sophos
- To use services based on Sophos, you must first create a dedicated monitoring user authorized to use the Sophos API. You must then add the credential for the Sophos API in EV Observe.
Notes
- You need to create and configure the user dedicated to monitoring Sophos once only. This is required prior to the use of any Sophos service template.
Procedure: How to configure and monitor Sophos
Step 1: Create a user dedicated to monitoring Sophos on the Sophos Central platform
1. Log in to the Sophos Central platform using a Super Admin account.
2. Select Global Settings in the menu pane and click API Credentials Management.
3. Click Add Credential.
4. Enter the credential name and description and click Add.
Sophos Central will generate the credential together with a Client ID and a Client Secret.
5. Copy the Client ID and the Client Secret and paste them in your text editor in order to store them temporarily. They will be required when defining the configuration in EV Observe in step 2.
Note: Click Show Client Secret to display the Client Secret.
Step 2: Configure EV Observe
1. Go to the Web app.
2. Create a new host corresponding to the virtual host.
- Select Configure > Hosts > List in the menu.
- Click + Add in the Mode: Box tab.
- Associate the new host with one of the services based on the Sophos templates.
See the Catalog for Sophos
- Click Apply.
3. Configure the HTTP monitoring account for the new host.
- Specify the information below.
- User: Copy and paste the Client ID you stored in your text editor when creating the dedicated user on the Sophos Central platform in step 1.
- Password: Copy and paste the Client Secret you stored in your text editor in step 1.
- Click Apply.