1. Overview
This article outlines the process for configuring the Cisco Duo API integration with the ARIA ADR platform.
2. Generate Duo App Integration and Secret Keys
- Log in to the Cisco Duo dashboard as the organizational owner.
- In the left navigation pane, select Applications > Application Catalog.
- Use the search bar locate and Admin API. Select Add.
- Admin API configuration:
- Details: Record the Integration Key, Secret Key and API hostname.
- Settings:
- Permissions: Grant the following permissions.
- Network for API access: Add the network CIDR you wish to grant inbound access for API calls. This will be the outbound public IP of the Collector virtual machine. If nothing is specified, all inbound API access is allowed.
- Notes: Add any relevant notes.
- Permissions: Grant the following permissions.
- Select 'Save Changes' to complete.
- Details: Record the Integration Key, Secret Key and API hostname.
3. Configure ARIA ADR Duo Connector
- Log in to the APE Dashboard.
- Navigate to Administration > Add-on Store, then search for Duo Log.
- Select Add Duo Log.
- Fill in the required fields:
- Device: Duo Log.
- Name: Provide a friendly name (e.g. "Duo Security Logs").
- CCE Host: Enter the CCE IP Address. If unsure, check Administration > CCE Control.
- Access ID / User Name: Paste the Integration key.
- Password/Secret Key: Paste the Secret Key.
- Config: Paste the following, replacing <API_HOSTNAME> with the API hostname.
{"api_host": "<API_HOSTNAME>"}
- Select Save.
4. Verify Duo Log Ingestion
- Log in to the APE Dashboard.
- Navigate to System > Log/Flow Collection Status.
- If configured correctly, you will see an entry with your CCE IP with the Device Type of 'duo'.
Was this article helpful?
That’s Great!
Thank you for your feedback
Sorry! We couldn't be helpful
Thank you for your feedback
Feedback sent
We appreciate your effort and will try to fix the article