Closed VatsalJagani closed 2 years ago
Thanks, @VatsalJagani For the suggestion, We incorporated these changes and waiting on the customer confirmation to this change fix this issue or not. will raise the PR once we get this confirmation from the customers who raised the issue.
In your changes, you mimic the cursor value in the make_token_request method. we also need to do the same changes in the make_credentials_request method as well.
In your changes, you mimic the cursor value in the make_token_request method. we also need to do the same changes in the make_credentials_request method as well.
Yes, that is correct. But I don't have any way to test that part of the code so you can help me update this PR to make those changes if you can. Thanks @anil-sophos
@VatsalJagani Below attached both updated method screenshots. soon will raise this PR. You can update the code based on screenshots and test the things with token configuration. for the make_credentials_request test, you need to configure client_id and client_secret.
Thanks @anil-sophos. I've done the code change, but I'm doing some testing. I'll update the PR as soon as I'm done with the testing.
@anil-sophos
@anil-sophos - Do you have any information on the timeline for this?
@VatsalJagani We will planning to fix the cursor things on the backend side and on the python script side we will pass collection_delay
as a query param.
We have incorporated the collection delay configuration in API. so no need to mimic the cursor value in the script. we provided this feature as a config parameter. Here is the PR Link: https://github.com/sophos/Sophos-Central-SIEM-Integration/pull/77
Adding extra delay while collecting the events/alerts from Sophos central API. The delay is configurable through the config file. The default is 60 seconds.
Story: