Configuring the Export via Portal

Access the Data Export configuration page via the following link to the PerimeterX Portal

Existing Integrations

A welcome screen shows all existing integrations configured for the selected customer account.

For each integration the following is indicated:

  • Integration name - a descriptive, custom name given to an integration
  • Integration type - to which end provider does this integration configured to (DataDog, Splunk, Http, Syslog, S3, SumoLogic)
  • Data type - either Logs or Metrics
  • Toggle button to turn the integration on/off

Configuring an Integration

By adding a new integration (in the upper right corner), or selecting an existing integration, you will be routed to the integration details page. In this page you will be able to configure the integration as follows:

Integration Details

In the Integration name field give a custom descriptive name to your integration. In the Applications field select one or more applications that belong to your account to be associated with this integration.

Data Type

Select the required data stream to configure. More information on the data exported for each data stream is available in the Data Schema (Metrics) & Data Schema (Logs) sections.

Integrations

Choose the integration type (DataDog, Splunk, Http, Syslog, S3, SumoLogic). Once all connection details (see below example) are filled, you can use “Test Connection” button to verify that we are able to send messages to the customer’s endpoint

Authentication method Can be either:

  • Public - No authentication (no further actions required)
  • WAF - Web application firewall, meaning the required endpoint is behind a firewall. To enable access to PerimeterX, please add the listed IPs to the firewall's whitelist

Available Integrations

Datadog

We support sending both Metrics and Logs data schemes to Datadog. For additional information on this integration go to Datadog Integration.

📘

Please Note

For the datastream type Metrics, only Authentication method - Public - No authentication, is supported.

  • API Key - DataDog provided API Key
  • Region - US or EU
  • Endpoint URL - A default one will be set according to a chosen region. It can be changed later to a custom url

Syslog

Support sending only the Logs data scheme.

  • Host - Endpoint host
  • Port - Endpoint port
  • Protocol - TLS or TCP
  • SSL certificate - If the protocol is TLS, please upload the certificate to allow a secure connection
  • Expiry date - If the certificate is valid, the date is automatically extracted
  • Severity - Link
  • Facility - Link

Splunk Cloud (HEC)

Support sending only the Logs data scheme. For additional information on this integration go to Datadog Integration.

  • URL - A url to connect to Splunk
  • Headers - Usually “Authorization” header

SumoLogic

Support sending only the Logs data scheme with POST requests.

Please provide url that contains the api endpoint and unique collector code of the format. You can get this url from your Sumologic dashboard.

AWS S3

Support sending only the Logs data scheme.

  • Bucket - The name of the receiving S3 bucket
  • Region - AWS region the bucket resides at
  • SSE - Bucket encryption method
  • Access key id - Bucket access key id
  • Secret access key - Bucket secret access key

HTTP Web Hook

Support sending only the Logs data scheme.

  • URL - The http endpoint url
  • Method - Http method to send the data (usually POST)
  • Body pattern - "{ "data": %s }". If the data sent needs to be in a very specific format. Use %s as a “data” placeholder
  • Headers - API keys, authentication headers, custom headers - can all be set here

Data Streams

This section enables to choose what type of data is required to export.
For Logs the following activities are available: Block, Captcha, Legitimate.
For Metrics the following activities are available: Sum requests, average Risk RTT.


Did this page help you?