Netwrix API is a special data source for the data received through Netwrix Auditor Integration API. By default, all imported data is written to a special Netwrix_Auditor_API database and recognized as the Netwrix API data source. This data is not associated with any monitoring plan.
If you want to associate data from your custom data source or SIEM solution with a certain plan, add a Netwrix API data source to your plan and mark the plan name in activity records before import. In this case, data will be written to the database linked to your monitoring plan. This can be helpful:
- If you need to restrict access to imported data. In this case only the users who are granted permissions to see the plan data will get access to imported activity records.
- If you want to simplify your search. In this case, you will be able to specify filters, such as Monitoring plan and Data source, and find the imported activity records faster.
- If you want to use Netwrix Auditor as intermediate solution in your monitoring routine. In this case, you will be able to export previously imported data.
NOTE: The account used to import activity records must be assigned a special Contributor role. See Role-based access and delegation for more information.
Complete the following fields:
Monitor this data source and collect activity data
Enable monitoring of the selected data source and configure Netwrix Auditor to collect and store audit data.
NOTE: If monitoring is disabled, you will not be able to import activity records to database linked to your monitoring plan.
To further diversify your data, add Integration items to your Netwrix API data source. See Integration for more information.
NOTE: Make sure Integration API is enabled. To check it, navigate to Settings → Integrations tab. See Integrations for more information.
Make sure to provide a monitoring plan name in activity records before importing data. See Netwrix Auditor Integration API Guide for detailed instructions on API commands and Activity Record structure.