XTD SIEM API Integration Guide

Overview

This section provides a guide to integrating the Verimatrix XTD SIEM endpoint API with your security infrastructure. It covers authentication, data ingestion, formatting requirements, use cases, and best practices to ensure smooth and secure API interaction.

The SIEM API provides a direct way to ingest Verimatrix XTD analytics information into a third-party infrastructure in a streaming fashion, providing access to all the relevant data in near real time.

XTD SIEM integration diagram

In addition, the API provides basic filtering of events to narrow the scope of the information retrieved from the API.

Ingest into 3rd Party SIEM Systems

To use the data retrieved from the Verimatrix SIEM API, you usually have to configure and/or write custom data processing modules using SIEM-specific integration code. This could involve a simple HTTP retriever plugin or a custom, daemon-like process that pulls the data and then pushes it to the SIEM in question. Verimatrix provides the means to pull the data from the SIEM API but does not integrate directly into any SIEM vendor-specific ingest system.