Create an HTTPS profile
POST/logging-service/logforwarding/v1/https-profiles
Create an HTTPS profile object to send logs to an HTTPS receiver or SIEM.
Request
- */*
Body
required
- ClientAuthSentinel
- ClientAuthChronicle
- ClientAuthSplunk
- ClientAuthBasic
- Array [
- ]
destination objectrequired
Profile name and HTTPS receiver information.
clientAuth object
Your Microsoft Sentinel workspace primary key.
Your Microsoft Sentinel workspace ID.
Your Google Workspace Customer ID.
Your Google Workspace Service Account Token. Must be stringified.
Your Splunk HTTP Event Collector Token
HTTPS server password.
HTTPS server user name.
Possible values: [Splunk
, Sentinel
, Chronicle
, Basic
, None
]
The type of HTTPS destination to receive your logs.
Name of the profile.
An email address to receive updates about log transmission.
Possible values: [ARRAY_JSON
, STACKED_JSON
]
The format of the log data. Select the correct format for your HTTPS receiver.
The URI for the HTTPS destination. Must begin with https:/
.
logtypes object[]required
The parameters used to specify the logs that you want to send.
True
sends all log fields. False
sends a subset of log fields.
The specific log fields you do not want to send. Does nothing if the same field is present in includedColumns
.
The filter query used to send a subset of logs.
The specific log fields you want to send. Does nothing if allColumns
is True
.
The log type that you want to send.
Responses
- 201
- 400
- 429
- 500
- 503
Returns profile id on successful request processing
- */*
- Schema
Schema
string
Invalid input / failed connectivity check
- application/json
- Schema
- Example (from schema)
Schema
Server error code
A message describing the error code
{
"errorCode": 0,
"errorMessage": "string"
}
Too many requests
LogForwarding Service internal error
- application/json
- Schema
- Example (from schema)
Schema
Server error code
A message describing the error code
{
"errorCode": 0,
"errorMessage": "string"
}
LogForwarding Service is not available