https://github.com/hazcod/one2sen
Go program that exports 1Password security events to Microsoft Sentinel SIEM.
https://github.com/hazcod/one2sen
1password onepassword sentinel siem
Last synced: 6 months ago
JSON representation
Go program that exports 1Password security events to Microsoft Sentinel SIEM.
- Host: GitHub
- URL: https://github.com/hazcod/one2sen
- Owner: hazcod
- Created: 2023-04-13T14:31:03.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2024-09-09T12:56:41.000Z (about 1 year ago)
- Last Synced: 2024-09-09T15:30:55.147Z (about 1 year ago)
- Topics: 1password, onepassword, sentinel, siem
- Language: Go
- Homepage:
- Size: 140 KB
- Stars: 4
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# one2sentinel
A Go program that exports 1Password usage, signin and audit events to Microsoft Sentinel SIEM.
## Running
First create a yaml file, such as `config.yml`:
```yaml
log:
level: INFO
microsoft:
app_id: ""
secret_key: ""
tenant_id: ""
subscription_id: ""
resource_group: ""
workspace_name: ""
dcr:
endpoint: ""
rule_id: ""
stream_name: ""
expires_months: 6
update_table: false
onepassword:
api_token: ""
```
And now run the program from source code:
```shell
% make
go run ./cmd/... -config=dev.yml
INFO[0000] shipping logs module=sentinel_logs table_name=OnePasswordLogs total=82
INFO[0002] shipped logs module=sentinel_logs table_name=OnePasswordLogs
INFO[0002] successfully sent logs to sentinel total=82
```
Or binary:
```shell
% one2sen -config=config.yml
```
## Building
```shell
% make build
```