Visualize Cisco Umbrella networks, domains, destinations, users, and discovered applications in the JupiterOne graph. Use this integration to also map Cisco Umbrella users to employees in your JupiterOne account and to monitor changes to Cisco Umbrella entities using JupiterOne alerts.
- Installation guide
- Cisco Umbrella data model
Cisco Umbrella supports the use of API keys to authenticate API requests. You need access to an account that has permissions to create a new API key. You must also have permission in JupiterOne to install new integrations.
Configuration in Cisco Umbrella
Generate an API key.
Provide the API key with the minimum scopes:
Admin/Roles - Read-Only
Admin/Users - Read-Only
Deployments - Read-Only
Policies/Destination Lists - Read-Only
Policies/Destinations - Read-Only
Reports/App Discovery - Read-Only
Future improvements may require additional scopes be added.
Record the API Key and Key Secret values.
Finalize in JupiterOne
To install the Cisco Umbrella integration in JupiterOne, navigate to the Integrations tab in JupiterOne and select Cisco Umbrella. Click New Instance to begin configuring your integration.
Creating a configuration requires the following:
The Account Name used to identify the Cisco Umbrella account in JupiterOne. Ingested entities will have this value stored in
AccountNametoggle is enabled.
Description to assist in identifying the integration instance, if desired.
Polling Interval that you feel is sufficient for your monitoring needs. You may leave this as
DISABLEDand manually execute the integration.
Cisco Umbrella API key and Key Secret generated for use by JupiterOne.
Click Create after all values are provided to finalize the integration.
Now that your integration instance has been configured, it will begin running on the polling interval you provided, populating data within JupiterOne. Continue on to our Instance management guide to learn more about working with and editing integration instances.
The following entities are created:
|Resources||Entity ||Entity |
The following relationships are created:
|Source Entity ||Relationship ||Target Entity |