Nov 27 2020
I'm trying to send csv files containing IP address, host, username, event, timestamp from a cloud environment via MCAS REST API to Microsoft Cloud App Security. The application which generates the files is not by default supported by MCAS. After reviewing the documentation, the Cloud Discovery API only seems to support certain source types, csv not among them (https://docs.microsoft.com/en-us/cloud-app-security/api-discovery-initiate). I found the option to use a custom log parser however I'm unsure if and how this can be setup together with the MCAS REST API, with logs being pushed to MCAS continuously and automatically. (https://docs.microsoft.com/en-us/cloud-app-security/custom-log-parser).
Can anyone point me in the right direction for how to set this up?