Skip to main content

Create SIEM account

POST 

https://api.logz.io/v2/account-management/siem

Creates a new SIEM account. Returns SIEM account configuration settings as a JSON object. Must be run with an API token from the your main Logs account Logs > Settings > Manage tokens > API tokens. Please ensure to change the region in the URL to match your account's region.

Request

Body

    accountName stringrequired

    SIEM account name

    accountsToScan integer[]

    IDs of accounts that will be accessed for logs. The owner account will be the default account to scan.

    email stringrequired

    Email address of the SIEM account.

    isUsingRepositoryAccount boolean

    Describes if the account uses a Repository Account. For more information, see our User Guide.

Responses

successful query

Schema
    accountId integer

    Account ID.

    accountName string

    SIEM account name

    accountsToScan integer[]

    Accounts included into the query

    createdAt date-time

    Date this account was created. Format: {yyyy}-{mm}-{dd}T{hh}:{mm}:{ss}Z

    isUsingRepositoryAccount boolean

    Describes if the account uses a Repository Account. For more information, see our User Guide.

Authorization: X-API-TOKEN

name: X-API-TOKENtype: apiKeydescription: You can manage your API tokens from the [Logz.io API tokens](https://app.logz.io/#/dashboard/settings/manage-tokens/api) page.

API tokens are account-specific. You will need to be logged into the relevant Log Management or SIEM account to view the API tokens associated with it.

To manage your API tokens, log into the relevant account in your Logz.io platform, click the gear in the top-right menu, and select [**Tools > Manage tokens > API tokens**](https://app.logz.io/#/dashboard/settings/manage-tokens/api).

It's important to keep your tokens secure. API tokens carry privileges to make changes to users and accounts, so if you believe an API token has been compromised, delete it, and replace it with a new token in your integrations.in: header
curl -L -X POST 'https://api.logz.io/v2/account-management/siem' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'X-API-TOKEN: <API_KEY_VALUE>' \
--data-raw '{
"accountName": "string",
"accountsToScan": [
0
],
"email": "string",
"isUsingRepositoryAccount": true
}'
Request Collapse all
Base URL
https://api.logz.io
Auth
Body
{
  "accountName": "string",
  "accountsToScan": [
    0
  ],
  "email": "string",
  "isUsingRepositoryAccount": true
}