Service Update
| Availability | July 3rd, 2023 |
| Product(s) | Email Security Cloud Gateway (CG) |
| Who's affected | Email Security CG users |
Overview
Mimecast is pleased to announce new SIEM (Security Information Event Management) APIs for Email Security Cloud Gateway. These APIs will be accessible via the Mimecast API 2.0 menu option and offer the same events and fields as the existing SIEM API provides today.
What's changing
Stream SIEM API
This API has several export and filtering options to enable customers to request only the needed data in the following supported formats (CIM, CEF, CSV, JSON). There is a limitation in the number of events that can be returned in a single call (100 events per page), and the frequency of calls is limited to 300 calls/hour. The Batch SIEM API is recommended for clients looking to receive all events without any filtering.
Batch SIEM API
This API will return a pre-signed URL, allowing customers to access batched SIEM events. This is best used for clients who need to receive all SIEM events in batches and require a separate call per event type. This API will allow filtering by event only and return events in JSON format.
You will find these endpoints under the following tile:
Threats, Security Events, and Data
For further technical documentation, please refer to the Mimecast API 2.0 references for Stream SIEM and Batch SIEM, respectively:
Comments
Please sign in to leave a comment.