Proofprint

Proofpoint Targeted Attack Prevention is a SIEM cloud technology that analyzes and blocks threats coming through email. You can send SIEM logs to Fluency through the Proofpoint API. Fluency captures click and message events from Proofpoint.

To learn more about Proofpoint, visit their API documentation at: https://help.proofpoint.com/Threat_Insight_Dashboard/API_Documentation/SIEM_API

Configuring a Proofpoint plugin

To send Proofpoint logs to Fluency, you must set up a credential in your Proofpoint dashboard.

To create a credential in Proofpoint:

(1) Login to your Proofpoint dashboard.

(2) Click the Settings tab.

(3) On the left side of the screen, click "Connected Applications". The Service credentials section will open.

(4) In the "Name" section, select "Create New Credential".

(5) Type the name <xyz.corp> and click the Generate button.

(6) In the pop-up window "Generated Service Credential", the "Service Principal" and "Secret values" are shown. Record these values to enter later in Fluency.

Fluency Integration Configuration

Log into Fluency, and navigate to the Integrations page under the Platform section of the main menu.

On the Integrations page, go to the New Integrations tab and choose the Proofpoint integration, under Email Audit and Protection.

On the left-side panel, once you have all the application information from instructions above, paste it into each field of the import creation form. Click "SAVE" to save this configuration.