Obtain API Credentials from Proofpoint Secure Email Gateway
To enable API access, follow these steps to generate a Principal Key and Secret Key:
Access the Proofpoint Admin Console
- Open your web browser and navigate to Proofpoint Admin Console.
- Log in with your administrator credentials.
Navigate to API Key Management
- Click on Settings from the top navigation bar.
- Select API Key Management.
Create a New API Key
- Click the Add Key button.
- Enter a descriptive name for your key (e.g., “Logsign USO Integration”).
- Assign the necessary permissions:
Ensure that SIEM API Access is enabled to retrieve logs.
Retrieve and Store API Credentials
The system will generate the following:
- Principal Key (Client ID)
- Secret Key (API Key)
Important: The Secret Key is displayed only once. Store it securely, as it cannot be retrieved later.
If the Secret Key is lost, you must generate a new one.
Configure Proofpoint API in Logsign USO
Once you have obtained the Principal Key and Secret Key, follow these steps to configure Logsign USO:
Open Logsign USO
Log in to your Logsign USO platform.
Navigate to Settings
- Go to Settings > Device Collection > API
- Select Proofpoint Secure Email Gateway as the provider.
Enter API Credentials
Fill in the following fields:
• Principal Key: Enter the Principal Key (Client ID) obtained from Proofpoint.
• Secret Key: Enter the Secret Key (API Key).
• Log Start Date: Choose the desired time range (e.g., “1 Hour” to fetch logs from the last hour).
Finally, click Save to apply and finalize the configuration.