Skip to main content
Version: 2.0.0

Druva Email Backup Integrations

Druva Email backup Integrations

Druva Email backup will be integrated via Druva Email backup Partner API.

Requirement: 

  1. Access Token
  2. API URLs
  3. Sample Requests and Responses

Reference: https://developer.druva.com/docs/event-apis

Procedure:

  1. On the inSync Management Console menu bar, click Settings (wheel icon) > Settings. The Settings page appears.

  2. Click the inSync APIs tab.

event-api

In the Events API settings area, click Edit. The Edit Events API Settings window appears. 4. Select the Export Events check box.

  1. Click in the Categories to export box and select the events that you want to export from inSync.

  2. In the Syslog facility field, type a value between 1 and 23 to assign a Syslog facility ID for inSync events. The default value is 23.

  3. Click Save.

Generate a token to access Events API:

To generate a token to access Events API, see  Authentication.

Access Events API:

Make API requests. For more information, see the Events API reference.

You can also get the Events API response in CEF and Syslog formats. For more information, see Integrate Events API with a SIEM tool.Integrate Events API with a SIEM tool.

About Events API Response

  • Each inSync Events API response contains a maximum of 500 inSync events.
  • Every Events API response contains a tracker cookie. A tracker cookie, which is valid for the next 48 hours, is an identifier that contains inSync database reference and identifies the next set of unique events when successive Events API call is made.
  • If there are more than 500 events in the inSync database while returning an Events API response, the response contains nextpage header attribute that contains the next page URL. Use the nextpage header attribute along-with the tracker cookie in your subsequent API call to get additional set of inSync events.
  • Events API response is in the UTC timezone.

Integrate Events API with a SIEM tool

You can configure Security Information and Event Management (SIEM) tools like Splunk, ArcSight, and so on to consume inSync events. Events API enables inSync administrators to export inSync events in the following formats:

  • Common Event Format (CEF)
  • Syslog format

Configure your SIEM tool to ingest inSync events exported in the CEF and Syslog formats for your further analysis.

SIEM-tool