- Cloud Collectors Overview
- Administration
- Administrative Access
- Shareable Service Accounts
- Add Accounts for AWS Cloud Collectors
- Add Accounts for Cisco Duo Cloud Collector
- Add Accounts for Google Cloud Collectors
- Add Accounts for Microsoft Cloud Collectors
- Add Accounts for Okta Cloud Collectors
- Add Accounts for Salesforce Cloud Collectors
- Add Accounts for Splunk Cloud Collectors
- Add Accounts for Trend Micro Cloud Collectors
- Add Accounts for Wiz
- Define a Unique Site Name
- Sign Up for the Early Access Program
- Onboard Cloud Collectors
- Abnormal Security Cloud Collector
- AWS CloudTrail Cloud Collectors
- AWS CloudWatch Cloud Collector
- AWS S3 Cloud Collector
- AWS SQS Cloud Collector
- Azure Activity Logs Cloud Collector
- Azure Log Analytics Cloud Collector
- Azure Event Hub Cloud Collector
- Azure Storage Analytics Cloud Collector
- Box Cloud Collector
- Cato Networks Cloud Collector
- Cisco Duo Cloud Collector
- Cisco Umbrella Cloud Collector
- Cribl Cloud Collector
- CrowdStrike Cloud Collectors
- GCP Pub/Sub Cloud Collector
- Microsoft Defender XDR (via Azure Event Hub) Cloud Collector
- Microsoft Entra ID Context Cloud Collector
- Microsoft Entra ID Logs Cloud Collector
- Microsoft 365 Exchange Admin Reports Cloud Collector
- Supported Sources from Microsoft 365 Exchange Admin Reports
- Migrate to the Microsoft 365 Exchange Admin Reports Cloud Collector
- Prerequisites to Configure the Microsoft 365 Exchange Admin Reports Cloud Collector
- Configure the Microsoft 365 Exchange Admin Reports Cloud Collector
- Troubleshooting the Microsoft 365 Exchange Admin Reports Cloud Collector
- Microsoft 365 Management Activity Cloud Collector
- Microsoft Security Alerts Cloud Collector
- Microsoft Sentinel (via Event Hub) Cloud Collector
- Netskope Alerts Cloud Collector
- Netskope Events Cloud Collector
- Okta Cloud Collector
- Okta Context Cloud Collector
- Palo Alto Networks Cortex Data Lake Cloud Collector
- Proofpoint On-Demand Cloud Collector
- Proofpoint Targeted Attack Protection Cloud Collector
- Recorded Future Cloud Collector
- Salesforce Cloud Collector
- SentinelOne Alerts Cloud Collector
- SentinelOne Cloud Funnel Cloud Collector
- SentinelOne Threats Cloud Collector
- SentinelOne Cloud Collector
- Splunk Cloud Collector
- Symantec Endpoint Security Cloud Collector
- Trend Vision One Cloud Collector
- Zscaler ZIA Cloud Collector
- Webhook Cloud Collectors
- Wiz Issues Cloud Collector
- Wiz API Cloud Collector
- Troubleshooting Cloud Collectors
Prerequisites to Configure the Wiz API Cloud Collector
Before you configure the Wiz API Cloud Collector you must complete the following prerequisites:
Ensure that you have the Administrative access to the Wiz portal.
Obtain the Client ID and Client Secret by contacting the Wiz support team.
Obtain the Base URL by accessing the Tenant section on the User Settings page of Wiz.
Obtain the Client ID and Client Secret
Use the following steps to generate a client ID and the client secret by creating a service account in Wiz.
Log in to the Wiz portal as and administrator.
Navigate to Settings > Service Accounts > Add Service Account.
Specify a name for the service account.
In the Type list, select Custom Integration(GraphQL API).
Select the project.
In the API Scopes, select the read:issues permission.
Click Add Service Account. For more information see, Add a Service Account.
Record the Client ID and Client Secret displayed on the user interface to use it while configuring the cloud collector.
Obtain the Base URL
Use the following steps to obtain the Wiz API URL or the Base URL.
Log in to your Wiz account.
Navigate to User Profile > User Settings.
In the left pane, click Tenant and record the API Endpoint URL that is displayed on the user interface.
Add Accounts for Wiz
To set up a sharable account for Wiz in Cloud Collectors:
Log in to the Exabeam Security Operations Platform with your registered credentials as an administrator.
Navigate to Collectors > Cloud Collectors.
Click Accounts, then click New Account.
In the Add a New Account page, enter the required information.
VENDOR – Select the vendor as Wiz.
NAME – Specify a name for the Wiz account.
CLIENT ID – Enter the client ID that you obtained while completing prerequisites.
CLIENT SECRET – Enter the client secret that you obtained while completing the prerequisites.
Click Save.
Proceed to configure Wiz (via API) Cloud Collector.
When you onboard new collectors for Wiz (via API), you must select the Wiz account. You can reuse credentials between different Wiz (via API) cloud collectors.