DTSPO-19362
Summary
The MIP team is requesting GitHub data streams for their XSIAM analytical tools. They have asked for a dedicated consumer group for XSIAM, in addition to the default consumer group used by Splunk, in the following resource:
The existing Event Hub is: soc-prod-public-eventhubns/github
They are also requesting that a webhook dedicated to XSIAM be configured in GitHub so that they can pull other Git-related data for their analytic tools, and are asking for a custom HTTP endpoint to be exposed for their use.
Requested webhook URL (possible name): https://api-justiceuk.xdr.uk.paloaltonetworks.com. They would provide the relevant authentication keys to PlatOps when required.
Intended Outcome
Impact on Teams