TotalCloud CSPM Settings for AWS

Configure the TotalCloud CSPM Settings for AWS to fetch the CSPM events from your subscribed Qualys AWS account.

  1. Go to Apps > Manage Apps > Qualys Technology Add-on for Splunk > Set up.
  2. Enter API input parameters in the Extra filters for Connector List API field to pull the data such as Account ID, Name, and other details from your Qualys account.
  3. Enter API input parameters in the Extra filters for Evaluation API of AWS to pull the data such as Policy Name, Control Criticality, and other details from your Qualys account.

    TC CSPM settings for AWS.

  4. Enter Page Size to specify the number of records to be fetched in a single API call.

You can configure the following settings in TotalCloud Cloud Security Posture Management (CSPM) Settings for AWS:

Setting

Description

Page size of Connector List API 

Specify the number of connectors to be fetched in a single API call.

Default: 3000 records

Extra filters for Connector List API

Provide extra filters to narrow the search, such as name, description, state, or others.

Filter should be in the following format {"filters": [{"field": "fieldName", "value": "Value", "operator": "operator"},{"field": "fieldName", "value": "Value", "operator": "operator"}]}.

For example: {"filters": [{"field": "inventory.source", "value": "IP", "operator": "EQUALS"},{"field": "operatingSystem", "value": "Linux", "operator": "EQUALS"}]}

For more information on this, refer to the API User guide.

Page size of Evaluation API of AWS

Specify the number of evaluations to be fetched in a single API call.

Default: 1000 records

Extra filters for Evaluation API of AWS

Provide extra filters such as ProjectID, subscriptionID, or others.

Filter should be in the following format {"filters": [{"field": "fieldName", "value": "Value", "operator": "operator"},{"field": "fieldName", "value": "Value", "operator": "operator"}]}.

For example: {"filters": [{"field": "inventory.source", "value": "IP", "operator": "EQUALS"},{"field": "operatingSystem", "value": "Linux", "operator": "EQUALS"}]}

For more information on this, refer to the API User guide.

Page size for CSPM Events API

Specify the number of CSPM events to be fetched in a single API call.

Default: 1000 records
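
A malformed value in either Extra filters field (Connector List API or Evaluation API of AWS) is easier to catch before it is saved than after a data pull fails. The following check is an added example, not part of the add-on or the Qualys documentation. It validates a value against the filter format shown above. The function name and the strictness rules (non-empty string values, no keys other than field, value and operator) are assumptions made for this example.

```python
import json

# Keys taken from the documented filter format on this page.
REQUIRED_KEYS = ("field", "value", "operator")

# The page's own example value.
PAGE_EXAMPLE = ('{"filters": [{"field": "inventory.source", "value": "IP", "operator": "EQUALS"},'
                '{"field": "operatingSystem", "value": "Linux", "operator": "EQUALS"}]}')


def check_extra_filters(text):
    """Return a list of problems; an empty list means the value matches the documented shape."""
    problems = []
    # Rich-text editors often turn " into typographic quotes, which JSON rejects.
    if any(ch in text for ch in "\u201c\u201d\u2018\u2019"):
        problems.append("typographic quotes found; use plain double quotes")
    try:
        doc = json.loads(text)
    except json.JSONDecodeError as exc:
        problems.append(f"not valid JSON: {exc.msg} (column {exc.colno})")
        return problems
    filters = doc.get("filters") if isinstance(doc, dict) else None
    if not isinstance(filters, list) or not filters:
        problems.append('top level must be an object whose "filters" key holds a non-empty array')
        return problems
    for i, entry in enumerate(filters):
        if not isinstance(entry, dict):
            problems.append(f"filters[{i}] is not an object")
            continue
        for key in REQUIRED_KEYS:
            # Assumption: each of the three keys carries a non-empty string, as in the page's example.
            if not isinstance(entry.get(key), str) or not entry[key].strip():
                problems.append(f"filters[{i}].{key} is missing or not a non-empty string")
        for key in sorted(set(entry) - set(REQUIRED_KEYS)):
            problems.append(f"filters[{i}] has unexpected key {key!r}")
    return problems


if __name__ == "__main__":
    for problem in check_extra_filters(PAGE_EXAMPLE) or ["OK"]:
        print(problem)
```

The check covers only the structure of the value. Which field names and operators each API accepts is defined in the API User guide.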

Event Types for TotalCloud CSPM Settings for AWS in Splunk

You can use default event types to search for TotalCloud CSPM Settings for AWS data pulled in Splunk. For more information, refer to Event Types for searching your apps data.