Review Proofpoint integration settings

  • Release version: Washingtondc
  • Updated January 21, 2025
  • 1 minute to read

    • Review the Proofpoint integration settings so that you can modify the system properties for your environment.

    Before you begin

    Role required: sn_si_admin

    Procedure

    1. Navigate to All > SIR Integration with Proofpoint > Proofpoint Integration Settings.
    2. Modify the following settings.
      Table 1. Proofpoint Integration Settings
      Property Name Description
      TimeOut for the restAPI calls.

      sn_sec_proofpoint.http_timeout

      		 The timeout (in seconds) for fetching data from the api calls.

      Type: Integer

      Default value: 3000
      Logging level - debug, info, warn, error

      sn_sec_proofpoint.logging_verbosity

      		 The log verbosity level of the application, meaning the name of the type of information. You can update the value to the following options:
      • error
      • warn
      • info
      • debug

      Default value: info
      Enforce a limit on number of Proofpoint Events that can be aggregated to a single incident.

      sn_sec_proofpoint.max_aggregations_per_si

      		 The maximum number of Proofpoint events that can be aggregated to one incident.

      Type: Integer

      Default value: 100
      Enforce a limit on number of security incidents that can be created in 24 hour period.

      sn_sec_proofpoint.max_si_per_day

      		 The maximum number of incidents that can be created in 24 hours.

      Type: Integer

      Default value: 1000
      No of days, we need to use in api call for top clickers, vap.

      sn_sec_proofpoint.default_days

      		 The number of days of data to fetch for top clickers and VAP. You can also update the value to the following options:
      • 14
      • 30
      • 90

      Type: Integer

      Default value: 90
      Boolean flag, if enabled it makes api call and populates Topclickers details.

      sn_sec_proofpoint.call_topclickers_api

      		 Activate the option to enable and fetch top clicker data.

      Type: Boolean

      Default value: True
      Boolean flag, if enabled it makes api call and populates VAP details.

      sn_sec_proofpoint.call_vap_api

      		 Activate the option to enable and fetch VAP data.

      Type: Boolean

      Default value: False
      It is to restrict the maximum number of users to display for topClickers, VAP Users.

      sn_sec_proofpoint.maxresults

      		 The maximum number of users to display for top clickers and VAP users.

      Type: Integer

      Default value: 100
      Enables/Disables using overlapping period during scheduled polling of Proofpoint Events.

      sn_sec_proofpoint.allow_overlap

      		 Enable or disable overlapping period when scheduled polling is configured.

      Type: Boolean

      Default value: False
      Overlap time in minutes to be used during scheduled polling of ProofpointEvents when overlap is enabled.

      sn_sec_proofpoint.overlap_time

      		 The overlap time in minutes when scheduled polling is configured.

      Type: Integer

      Default value: 5
    3. Select Save.

    Result

    Configures the integration settings with new values.