Skip to main content

Cisco Secure Endpoint

Visualize Cisco Secure Endpoint protected devices, map agents to devices and their respective owners, and monitor changes through queries and alerts.

Installation

This integration connects directly to Cisco Secure Endpoint REST API to obtain endpoint protection and configuration information.

Valid API Endpoints include:

  • api.amp.cisco.com
  • api.apjc.amp.cisco.com
  • api.eu.amp.cisco.com
info

You will need to create a new Client ID and API Key with read access in Cisco Secure Endpoint for this integration. See their documentation for more information.

To install the Cisco Secure Endpoint integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Cisco Secure Endpoint. Click New Instance to begin configuring your integration.

Creating a configuration requires the following:

  • The Account Name used to identify the Cisco Secure Endpoint account in JupiterOne. Ingested entities will have this value stored in tag.AccountName when the AccountName toggle is enabled.

  • Description to assist in identifying the integration instance, if desired.

  • Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as DISABLED and manually execute the integration.

  • The API Endpoint Hostname associated with your Cisco Secure Endpoint account.

  • Your Cisco Secure Endpoint Client ID and API Key (configured for read access).

Click Create once all values are provided to finalize the integration.

Next steps

Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.