Feature - Create a new incident from a received email

A good new feature to add to Eramba is the ability to automatically create new incidents from an email received by Eramba, and to update that incident with replies to that incident. This would facilitate automatic incident creation from alerting systems.

Hi Walt!

We are not really into processing emails… Can you feed new incidents using REST APIs? We use Splunk, and instead of sending emails to notify us when a match hits a potential event, we send a REST API that creates an incident in eramba.

We are inclined to invest more in APIs, basically…

Regards and many thanks for the suggestions!!!

According to your documentation, you can’t use an API to create a security incident. Has this changed? Can you provide a sample JSON for this?

Hi Walter,
The JSON can be found at this link: https://drive.google.com/file/d/1odSA8cggLrNZEukICwq1078Hp68FhS2I/view?usp=sharing
This is the link that needs to be requested: www.ERAMBADNS.org/securityIncidents/add.json