Create SIEM account
POST https://api.logz.io/v2/account-management/siem
Creates a new SIEM account. Returns the SIEM account configuration settings as a JSON object. Must be run with an API token from your main Logs account (Logs > Settings > Manage tokens > API tokens). Change the region in the URL to match your account's region.
Request
- application/json
Body
accountName: SIEM account name.
accountsToScan: IDs of accounts that will be accessed for logs. The owner account will be the default account to scan.
email: Email address of the SIEM account.
isUsingRepositoryAccount: Describes if the account uses a Repository Account. For more information, see our User Guide.
Responses
- 200
successful query
- application/json
Schema
accountId: Account ID.
accountName: SIEM account name.
accountsToScan: Accounts included in the query.
createdAt: Date this account was created. Format: {yyyy}-{mm}-{dd}T{hh}:{mm}:{ss}Z
isUsingRepositoryAccount: Describes if the account uses a Repository Account. For more information, see our User Guide.
Example (from schema)
{
  "accountId": 0,
  "accountName": "string",
  "accountsToScan": [
    0
  ],
  "createdAt": "2018-04-01T19:18:38Z",
  "isUsingRepositoryAccount": true
}
Authorization: X-API-TOKEN
name: X-API-TOKEN
type: apiKey
description: You can manage your API tokens from the [Logz.io API tokens](https://app.logz.io/#/dashboard/settings/manage-tokens/api) page. API tokens are account-specific. You will need to be logged into the relevant Log Management or SIEM account to view the API tokens associated with it. To manage your API tokens, log into the relevant account in your Logz.io platform, click the gear in the top-right menu, and select [**Tools > Manage tokens > API tokens**](https://app.logz.io/#/dashboard/settings/manage-tokens/api). It's important to keep your tokens secure. API tokens carry privileges to make changes to users and accounts, so if you believe an API token has been compromised, delete it, and replace it with a new token in your integrations.
in: header
- CURL
curl -L -X POST 'https://api.logz.io/v2/account-management/siem' \
  -H 'Content-Type: application/json' \
  -H 'Accept: application/json' \
  -H 'X-API-TOKEN: <API_KEY_VALUE>' \
  --data-raw '{
    "accountName": "string",
    "accountsToScan": [
      0
    ],
    "email": "string",
    "isUsingRepositoryAccount": true
  }'
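
A Python client for this endpoint, added here as an example and not taken from Logz.io's documentation or SDKs: it reads the API token from the environment instead of embedding it in source, rejects a non-HTTPS base URL, validates the request body, and checks the response against the schema above. The function names and the environment variables `LOGZIO_API_URL` and `LOGZIO_API_TOKEN` are assumptions; set the URL to the API host for your account's region.

```python
import json
import os
import urllib.request
from datetime import datetime, timezone

SIEM_PATH = "/v2/account-management/siem"  # endpoint path from this page


def build_request(base_url, token, account_name, accounts_to_scan, email, use_repository):
    """Build, without sending, the POST that creates a SIEM account."""
    if not base_url.startswith("https://"):
        raise ValueError("base_url must be https so the token is never sent in clear text")
    if not token or not account_name or "@" not in email:
        raise ValueError("token, accountName and a valid email are required")
    # bool is a subclass of int in Python, so reject it explicitly
    if not all(isinstance(i, int) and not isinstance(i, bool) for i in accounts_to_scan):
        raise ValueError("accountsToScan must contain integer account IDs")
    payload = {
        "accountName": account_name,
        "accountsToScan": list(accounts_to_scan),
        "email": email,
        "isUsingRepositoryAccount": bool(use_repository),
    }
    return urllib.request.Request(
        base_url.rstrip("/") + SIEM_PATH, data=json.dumps(payload).encode("utf-8"), method="POST",
        headers={"Content-Type": "application/json", "Accept": "application/json",
                 "X-API-TOKEN": token},
    )


def parse_response(body):
    """Check the 200 response against the schema on this page."""
    account = json.loads(body)
    expected = {"accountId", "accountName", "accountsToScan",
                "createdAt", "isUsingRepositoryAccount"}
    missing = expected.difference(account)
    if missing:
        raise ValueError(f"response is missing fields: {sorted(missing)}")
    account["createdAt"] = datetime.strptime(
        account["createdAt"], "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
    return account


def create_siem_account(account_name, accounts_to_scan, email, use_repository=False):
    """Send the request; URL and token come from the environment (assumed names)."""
    req = build_request(os.environ["LOGZIO_API_URL"], os.environ["LOGZIO_API_TOKEN"],
                        account_name, accounts_to_scan, email, use_repository)
    with urllib.request.urlopen(req, timeout=30) as resp:
        return parse_response(resp.read())
```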