Proofpoint TAP

Proofpoint TAP (Targeted Attack Protection) detects and prevents threats in email.

Integration with LogicHub

Connecting with Proofpoint TAP

To connect to Proofpoint TAP following details are required:

  • Label: Connection name.
  • Reference Values: Define variables here to templatize integration connections and actions. For example, you can use https://www.{{hostname}}.com where, hostname is a variable defined in this input. For more information on how to add data, see 'Add Data' Input Type for Integrations.
  • API User: API User name for Proofpoint's SIEM API.
  • API Key: The API key to connect to the Proofpoint TAP.

Actions with Proofpoint TAP

Get TAP Events

Get events from Proofpoint TAP via Proofpoint's SIEM API.

Inputs to this Action

  • Connections: Choose a connection that you have created.
  • Event Type: Type of events to query.
  • Query Window: Window of time to query, from one minute ("1m") to 24 hours ("24h").

Did this page help you?