Sophos Central is an integrated management platform to help simplify the administration of multiple Sophos products, including endpoint, mobile device management (MDM), server protection and a secure web gateway. It helps you stop spam, phishing, malware and data loss.
Blumira’s integration pulls event data from Sophos Central directly into your Blumira sensor so you can start tracking logs for threat detection and response.
Related Integration: Sophos XG Firewall Integration With Blumira
Before Blumira can retrieve logs from Sophos Central, you will first need to obtain credentials to access the Sophos Central API. To obtain these credentials, please follow these steps.
Next, you’ll need to configure your Blumira sensor to connect to the Sophos Central API, using the credentials you obtained in the steps above.
Here’s how to add the Sophos Central module:
The Add New Module window should close, and the sensor detail page should now list the Sophos Module in the table of modules.
Within minutes, the module will be operational and will ingest Sophos Central logs from the last 12 hours into the Blumira platform. It will then poll Sophos Central every minute for the latest available logs.