Question

QRadar SIEM integration



I am trying to connect the Box REST API to our IBM QRadar SIEM for compliance management. I have followed the documents and videos; however, none of them identify what to use as the Log Source Identifier.

 

All other instructions to get ClientID, Secret, KeyID, EntID, and PrivKey have been completed and supplied into the QRadar interface.

 

I have attempted to use all of the below with no success.

https://api.box.com/

http://api.box.com/

api.box.com/

https://api.box.com/oauth2/token

https://account.box.com/api/

 

Failed - ERROR - Unable to collect events. 

3 replies


Hi,

Did you get this fixed?

 



No. We are still struggling to get this active. It initially connects as a log source, but then errors out saying it cannot get any data.










I realize this post is rather old at this point, but it got us going down the right path, and we eventually got it figured out.

 

For event logs, your log source identifier URL needs to be:

https://api.box.com/2.0/events

After we set that, everything started flowing in with no issues.

I found this in the API user guide for Box, specifically in the "User Events" section.

