Supported Cortex XSOAR versions: 6.8.0 and later.
Collects Auth and Audit events for Duo using the API.
Navigate to Settings > Integrations > Servers & Services.
Search for Duo Event Collector.
Click Add instance to create and configure a new integration instance.
Parameter Required Server Host True First fetch timestamp (<number> <time unit>, for example, 12 hours, 7 days, 3 months, 1 year) True Integration key True Secret key True XSIAM request limit True Request retries False Use system proxy settings False
Click Test to validate the URLs, token, and connection.
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
Manual command to fetch events and display them.
|should_push_events||Set this argument to True in order to create events, otherwise the command will only display them. Possible values are: True, False. Default is False.||Required|
There is no context output for this command.