-
SuggestedSuggested
- How It Works Streama© is the foundation of Coralogix's stateful streaming data platform, based on our 3 “S” architecture – source, stream, and sink.
- How Monday.com Improved Monitoring to Spend Less Time Searching for Issues Monday.com uses Coralogix to centralize and standardize their logs so they can easily search their logs across the entire stack.
- Creating a Free Data Lake with Coralogix Like many cool tools out there, this project started from a request made by a customer of ours. Having recently migrated to our service, this customer...
Oh no!
Oh no!We didn’t find anything for “”,
please try a different search
Breaking News from AWS re:Invent
Coralogix receives AWS Rising Star award!
Downloading Your Security Report
This guide demonstrates how to download your Coralogix security report via API.
Prerequisites
Configuration
STEP 1. Access your API URL based on the domain associated with your account.
| .com | Ireland | ng-api-http.coralogix.com |
| .app.eu2.coralogix.com | Stockholm | ng-api-http.eu2.coralogix.com |
| .app.coralogixsg.com | Singapore | ng-api-http.coralogixsg.com |
| .in | Mumbai | ng-api-http.app.coralogix.in |
| .us | United States | ng-api-http.coralogix.us |
STEP 2. Access your Coralogix Logs Query Key.
- On your Coralogix dashboard, click Data Flow > select API Keys.
- Copy your Logs Query Key.
STEP 3. Create the API.
| URL | https:// {{Coralogix domain}}/xdr/get-report |
| HTTP Method | POST |
| Content Type | application/json |
| Authorization | Bearer {{Logs Query key}} |
STEP 4. Schema
Request schema.
{
"executionId": string(uuid), // in case it's not provided using the last scan id
"filter": {
"region": string[],
"account": string[],
"complianceFramework": string[],
"provider": string[], // "aws", "gcp", "azure", "github", etc...
"service": string[], // "RDS", "BIG QUERY", "S3", etc
"testName": string[], // sort name of the security rule (testIdentity)
"result": string[] // (enum) "Passed", "Failed"
"severity": int[], // (enum) 1 - Low, 2 - Medium, 3 - High, 4 - Critical
"active": string[] // (enum): "Enabled", "Disabled"
}
}
Note: Every field in the request payload is optional. Passing a null value or ignoring that field is the same as passing an empty list.
Compliance frameworks and short names:
| Snowbit | snowbit |
|---|---|
| CIS AWS 1.4.0 | cis_aws |
| HIPAA | hipaa |
| ISO-27001 | iso_27001 |
| PCI DSS 3.1.0 | pci_dss |
| SOC 2 | soc2 |
Response schema:
{
"executionId": string // uuid v4 format
"data":[
{
"region": string,
"account": string,
"complianceFrameworks": string[],
"provider": string,
"category": string, // From the category view eg: "Database", "Storage", "Identity Management", etc
"service": string, // "RDS", "BIG QUERY", "S3", etc
"testName": string,
"severity": int, // enum: 1 - Low, 2 - Medium, 3 - High, 4 - Critical
"resourceName": string,
"resourceId": string,
"passed": boolean,
"active": boolean
}
]
}
Additional Resources
| Documentation | Cloud Security Posture Management (CSPM) |
Support
Need help?
Our world-class customer success team is available 24/7 to walk you through your setup and answer any questions that may come up.
Feel free to reach out to us via our in-app chat or by sending us an email at [email protected].