Skip to main content
All CollectionsTemplatesBasic
Send Torq Audit and Activity Logs to Singularity XDR - Workflow Template
Send Torq Audit and Activity Logs to Singularity XDR - Workflow Template

Based on a configured time, workflow audit and activity logs will be sent to SingularityXDR

Updated over a week ago

This workflow template, named "Send Torq Audit and Activity Logs to Singularity XDR," is designed to ensure the systematic transfer of audit and activity logs to Singularity XDR for enhanced threat detection and response. The workflow is scheduled to pull logs regularly, reformat them from JSON to text for readability, set checkpoints for tracking, and batch-upload the logs to Singularity XDR efficiently. It's an ideal solution for organizations seeking to streamline their log management and bolster security with continuous monitoring and analysis.

Take Me to the Template

Use Cases

null

Workflow Breakdown

  1. Runs on an schedule and pull the audit and activity logs.

  2. Reformat logs from JSON to plain text, one entry per line separated by a newline.

  3. Set a checkpoint using global variables for each run.

  4. Send logs to Singularity XDR in a batch transaction.

Vendors

Utils, SentinelOne, Torq

Workflow Output

Log files will be created on SingularityXDR named after the type of log and the timestamp.

Tips

Upload Logs action require a \"Log Write Access\" API key

Related Articles
Collect Torq Audit or Activity Logs - Workflow Template
Send Torq Audit or Activity Logs to Azure Blob Storage - Workflow Template
Send Torq Audit Logs on a Schedule (Snowflake) - Workflow Template
Send Torq Audit and Activity Logs to S3 Bucket on a Schedule - Workflow Template
Gather Torq Audit or Activity Logs - Workflow Template
Did this answer your question?