2.x
Ask or search…
K

CrowdStrike

CrowdStrike destination plugin
CrowdStrike LogScale is a next generation SIEM and log management platform. Using the Crowdstrike destination plugin, you can send data from any of your sources to the LogScale platform. If you are looking for CrowdStrike sources, look at S3 (SQS) input
The processing rules of Calyptia let you enrich data mid-stream or reduce noise by dropping duplicate data or null values.

Configuration parameters

The CrowdStrike destination plugin provides these configuration parameters.

General

Key
Description
Host
IP address or hostname of the Log Scale Server.
Port
Port.
Headers
Add the Humio Ingest Token after the Bearer.

Advanced

Key
Description
URI
Specify an optional HTTP URI for the target web server.
Format
Specify the data format to be used in the HTTP request body, by default it uses json_lines. Other supported formats are json and json_stream.
Compress
Set payload compression mechanism.
HTTP Proxy
Specify an HTTP Proxy. The expected format of this value is http://host:port.
JSON Date Format
Specify the format of the date, supported formats: double, iso8601 (for example, 2018-05-30T09:39:52.000681Z), java_sql_timestamp (for example, 2018-05-30 09:39:52.000681, which can be used with AWS Athena), and epoch.
JSON Date Key
Specify the name of the date field in output.
Body Key
Specify the key which contains the body.
Header Tag
Set a HTTP header which value is the tag of the record.
Header Key
Specify the key which contains the headers.

Security and TLS

Key
Description
TLS
Enable or disable TLS/SSL support.
TLS Certificate Validation
Turn TLS/SSL certificate validation on or off. TLS must be on for this setting to be enabled.
TLS Debug Level
Set TLS debug verbosity level. Accepts these values: 0 (No debug), 1 (Error), 2 (State change), 3 (Informational), 4 (Verbose).
CA Certificate File Path
Absolute path to CA certificate file.
Certificate File Path
Absolute path to certificate file.
Private key File Path
Absolute path to private key file.
Private Key Path Password
Optional password for tls.key_file file.
TLS SNI Hostname Extension
Hostname to be used for TLS SNI extension.

Advanced networking

Key
Description
DNS Mode
Select the primary DNS connection type (TCP or UDP).
DNS Resolver
Select the primary DNS connection type (TCP or UDP).
Prefer IPv4
Prioritize IPv4 DNS results when trying to establish a connection.
Keepalive
Enable or disable Keepalive support.
Keepalive Idle Timeout
Set maximum time allowed for an idle Keepalive connection.
Max Connect Timeout
Set maximum time allowed to establish a connection, this time includes the TLS handshake.
Max Connect Timeout Log Error
On connection timeout, specify if it should log an error. When disabled, the timeout is logged as a debug message.
Max Keepalive Recycle
Set maximum number of times a keepalive connection can be used before it is retired.
Source Address
Specify network address to bind for data traffic.