Sophos Central is a unified console that provides one place to manage Sophos products, including endpoint, mobile, encryption, web, email, server, and wireless security.
Creating a Client ID for Sophos Central
Before configuring the Sophos Central connector in Lucidum, you must first create an API Key. Lucidum will use the API key to access the Sophos Central API.
To create Sophos API credentials, do the following:
Log in to Sophos Central Admin.
Click Add Credential and give the credential details.
This generates the credential, together with a Client ID and a Client Secret.
Copy the Client ID and Client Secret.
Configuring the Connector for Sophos Central
To configure Lucidum to ingest data from Sophos Central:
Log in to Lucidum.
In the left pane, click Connector.
In the Connector page, click Add Connector.
Scroll until you find the Connector you want to configure. Click Connect. The Settings page appears.
In the Settings page, enter the following:
URL (required): Sophos API URL, for example, https://api-***.central.sophos.com
Client ID (required): Client ID
Client Secret (required): Client secret
Verify SSL. For future use.
To test the configuration, click Test.
If the connector is configured correctly, Lucidum displays a list of services that are accessible with the connector.
If the connector is not configured correctly, Lucidum displays an error message.
Isolate an endpoint
Scan an endpoint
Delete an endpoint