Create SIEM account

POST 
https://api.logz.io/v2/account-management/siem

Creates a new SIEM account. Returns SIEM account configuration settings as a JSON object. Must be run with an API token from the your main Logs account Logs > Settings > Manage tokens > API tokens. Please ensure to change the region in the URL to match your account's region.

Request

application/json

Body

accountName stringrequired

SIEM account name

accountsToScan integer[]

IDs of accounts that will be accessed for logs. The owner account will be the default account to scan.

email stringrequired

Email address of the SIEM account.

isUsingRepositoryAccount boolean

Describes if the account uses a Repository Account. For more information, see our User Guide.

Responses

200

successful query

application/json

Schema

Schema

accountId integer

Account ID.

accountName string

SIEM account name

accountsToScan integer[]

Accounts included into the query

createdAt date-time

Date this account was created. Format: {yyyy}-{mm}-{dd}T{hh}:{mm}:{ss}Z

isUsingRepositoryAccount boolean

Describes if the account uses a Repository Account. For more information, see our User Guide.

Example (from schema)

{
  "accountId": 0,
  "accountName": "string",
  "accountsToScan": [
    0
  ],
  "createdAt": "2018-04-01T19:18:38Z",
  "isUsingRepositoryAccount": true
}

Authorization: X-API-TOKEN

name: X-API-TOKENtype: apiKeydescription: You can manage your API tokens from the [Logz.io API tokens](https://app.logz.io/#/dashboard/settings/manage-tokens/api) page.

API tokens are account-specific. You will need to be logged into the relevant Log Management or SIEM account to view the API tokens associated with it.

To manage your API tokens, log into the relevant account in your Logz.io platform, click the gear in the top-right menu, and select [**Tools > Manage tokens > API tokens**](https://app.logz.io/#/dashboard/settings/manage-tokens/api).

It's important to keep your tokens secure. API tokens carry privileges to make changes to users and accounts, so if you believe an API token has been compromised, delete it, and replace it with a new token in your integrations.in: header

• curl
• python
• go
• nodejs
• ruby
• csharp
• php
• java
• powershell

• CURL

curl -L -X POST 'https://api.logz.io/v2/account-management/siem' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-API-TOKEN: <API_KEY_VALUE>' \
--data-raw '{
  "accountName": "string",
  "accountsToScan": [
    0
  ],
  "email": "string",
  "isUsingRepositoryAccount": true
}'

Request Collapse all

Base URL

https://api.logz.io

Auth

X-API-TOKEN

Body

{
  "accountName": "string",
  "accountsToScan": [
    0
  ],
  "email": "string",
  "isUsingRepositoryAccount": true
}