I’m attempting to leverage the REST collector to collect logs from Duo. The REST API requires authentication to be in the form of an HMAC-SHA1 signature in hex ASCII format. Instructions can be found here: Duo Admin API | Duo Security.
At the very least, I’m curious if this is possible, and if so, how would one go about setting this up? Thanks!
This workflow is not currently supported by the REST integration. A scripted collector would be the only workaround I’m aware of.
What would be the process of submitting a feature request for something like this? We’re looking to leverage Cribl not only for ETL and routing, but to be the central place from which we gather events from SaaS platforms that make their events available through an API endpoint. Thanks!