This workflow template, named "Send Torq Audit and Activity Logs to Singularity XDR," is designed to ensure the systematic transfer of audit and activity logs to Singularity XDR for enhanced threat detection and response. The workflow is scheduled to pull logs regularly, reformat them from JSON to text for readability, set checkpoints for tracking, and batch-upload the logs to Singularity XDR efficiently. It's an ideal solution for organizations seeking to streamline their log management and bolster security with continuous monitoring and analysis.
Workflow Breakdown
Runs on a schedule and pulls the audit and activity logs.
Reformat logs from JSON to plain text, one entry per line separated by a newline.
Set a checkpoint using global variables for each run.
Send logs to Singularity XDR in a batch transaction.
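The four steps above, sketched offline in Python as an added example; it is not the template's own implementation and calls no Torq or SentinelOne API. The field names, the `upload` callback, and the ISO 8601 UTC timestamps are assumptions. In this sketch the checkpoint advances only after a successful upload, so a failed batch is retried on the next run.

```python
import json

# Constructed sample entries. The field names ("timestamp", "action", "actor")
# are assumptions for illustration, not Torq's actual log schema.
SAMPLE_LOGS = [
    {"timestamp": "2024-05-01T10:00:00Z", "action": "workflow.publish",
     "actor": "alice@example.com"},
    # A value with an embedded newline: written raw, it would look like a
    # second, forged log entry once logs are stored one entry per line.
    {"timestamp": "2024-05-01T10:05:00Z", "action": "user.login",
     "actor": "bob@example.com\n2024-05-01T10:06:00Z forged entry"},
    {"timestamp": "2024-05-01T09:00:00Z", "action": "user.login",
     "actor": "carol@example.com"},
]


def to_line(entry):
    """Render one entry as a single text line.

    json.dumps escapes control characters, so a newline inside a field
    cannot split one entry into two lines.
    """
    return json.dumps(entry, sort_keys=True, separators=(",", ":"))


def build_batch(entries, checkpoint):
    """Return (payload, new_checkpoint) for entries newer than checkpoint.

    Assumes timestamps are ISO 8601 UTC strings in one fixed format, so
    plain string comparison matches chronological order.
    """
    fresh = sorted((e for e in entries if e["timestamp"] > checkpoint),
                   key=lambda e: e["timestamp"])
    if not fresh:
        return "", checkpoint
    payload = "\n".join(to_line(e) for e in fresh) + "\n"
    return payload, fresh[-1]["timestamp"]


def run_once(entries, checkpoint, upload):
    """One scheduled run. `upload` is a hypothetical callable that sends the
    batch and returns True on success; the checkpoint moves only then."""
    payload, new_checkpoint = build_batch(entries, checkpoint)
    if payload and upload(payload):
        return new_checkpoint
    return checkpoint
```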
Vendors
Utils, SentinelOne, Torq
Workflow Output
Log files will be created on Singularity XDR, named after the type of log and the timestamp.
Tips
The Upload Logs action requires a "Log Write Access" API key.