Before you begin

Before you can add the Duo Security Cloud Connector in Blumira, you must gather your Duo Admin API credentials:

  • Duo integration key
  • Duo secret key
  • Duo API hostname

Important: Dedicate a specific Admin API application in Duo to your Blumira integration. Do not reuse the same Duo Admin API credentials for multiple applications, as rate limits for Duo’s API will cause logging delays or disruption if too many requests are processed with the same credentials.

To obtain your Duo Admin API information complete the five steps in Duo Admin API: First Steps.
The Blumira integration requires Read permissions to information, logs, and resources (in Step 4 of First Steps).
duo-1.png

Integrating with Duo using a Cloud Connector

Cloud Connectors automate the configuration of your integrations without requiring you to use a sensor. After you obtain your integration’s configuration parameters, you can then enable Blumira to collect your logs.

To configure your integration with Blumira Cloud Connector:

  1. In the Blumira app, go to the Cloud Connectors page (Settings > Cloud Connectors).
  2. Click + Add Cloud Connector.
  3. In the Available Cloud Connectors window, click the connector that you want to add.
  4. If you want to change the name of the Cloud Connector, type the new name in the Cloud Connector Name box.
  5. Enter the API credentials that you collected in the “Before you begin” section above.
  6. Click Connect.
  7. On the Cloud Connectors screen, under Current Status, you can view the configuration’s progress. When the configuration completes, the status changes to Online (green dot).
    Important: If you previously deployed a Module for this integration, then you must remove it via the Sensors page (Settings > Sensors) to avoid log duplication.