# Perception Point Integration

This document outlines the steps for integrating Perception Point with the BluSapphire log collection platform.

## Pre-requisites

Before proceeding, request the following details from your client:

- API Address: The URL for Perception Point's API endpoint.
- API Key/Token: The authentication token required to access the Perception Point API.

**Verify the data using CURL command**

```
curl -X GET 'https://api.perception-point.io/api/v1/scans/list/' -H 'Authorization: Token 52abceaa0e90a843b32b1b9a56a57949c275f9bb'
```

## Backend Configuration

1. **Pipeline Configuration**

   a. Edit the pipelines.yml file located at /opt/lc/conf/collector/gateway-client/pipelines.yml.

   b. Add the following configuration snippet to define a new pipeline named proxy-mail-perceptionpoint:

   ```yaml
   - pipeline.id: proxy-mail-perceptionpoint
     pipeline.workers: 4       # Number of worker threads for the pipeline (default: 1)
     pipeline.batch.size: 300  # Number of events processed per batch (default: 100)
     pipeline.batch.delay: 50  # Delay (in milliseconds) between batches (default: 10)
     path.config: "/opt/lc/pipelines/processors/proxy/mail/perception-point/*.conf"  # Path to processor configuration files
   ```

2. **Input Configuration**

   a. Navigate to the directory containing processor configurations:

   ```
   cd /opt/lc/pipelines/processors/proxy/mail
   ```

   b. Copy an existing processor directory (e.g., `<source_dir>`) and rename it to perception-point:

   ```
   cp -r <source_dir> perception-point
   cd perception-point
   ```

   c. Rename the file 01-input-tcp.conf to 01-input-http.conf, as Perception Point uses an HTTP API.

   d. Edit 01-input-http.conf with the following content, replacing placeholders with the obtained client details:

   ```
   input {
     http_poller {
       urls => {
         perception_point => {
           method => get
           url => "${PER_API_URL}"
           headers => {
             "Authorization" => "${PER_AUTH_TOKEN}"
           }
         }
       }
       request_timeout => 60
       schedule => { cron => "* * * * * UTC" }
       codec => "json"
     }
   }
   ```

3. **Filter Configuration**

   Edit the file 02-metadata-filter.conf with the following content:

   ```
   filter {
     mutate { add_field => { "[@metadata][debug]" => "${DEBUG_PROXY_MAIL_PERCEPTIONPOINT:False}" } }
     mutate { add_field => { "[@metadata][prefix_path]" => "${PREFIX_PATH:logs}" } }
     mutate { add_field => { "[@metadata][log_type]" => "${LOG_PROXY_MAIL_PERCEPTIONPOINT:proxy-mail-perceptionpoint}" } }
     mutate { add_field => { "[@metadata][client_id]" => "${CLIENT_ID}" } }
     mutate { add_field => { "[@metadata][sensor_id]" => "${SENSOR_ID}" } }
   }
   ```

4. **Blucluster Configuration**
   1. Edit the main configuration file /opt/lc/conf/blucluster.conf.
   2. Set the following environment variables:

      - DEBUG_PROXY_MAIL_PERCEPTIONPOINT=False (or desired value)
      - LOG_PROXY_MAIL_PERCEPTIONPOINT=proxy-mail-perceptionpoint
   3. Add the following section under a designated area (e.g., Perception Point Configuration):

   ```
   #Perception point Configuration
   PER_API_URL="https://api.perception-point.io/api/v1/scans/list/"
   PER_AUTH_TOKEN="Token 52abceaa0e90a843b32b1b9a56a57949c275f9bb"
   ```

**Important:** Replace PER_API_URL and PER_AUTH_TOKEN with the values obtained from the client.
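Because blucluster.conf now holds a live API credential, a pre-flight check before the restart is useful. The script below is an added example, not part of the BluSapphire tooling: it assumes the `KEY="value"` line format shown above, and the function names `conf_get` and `check_perception_conf` are hypothetical.

```shell
#!/bin/sh
# Added example: pre-flight check for the Perception Point entries in blucluster.conf.
# Assumes the KEY="value" line format shown on this page; function names are hypothetical.

# Print the value of KEY ($2) from FILE ($1); last assignment wins, surrounding quotes stripped.
conf_get() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 | sed 's/^"\(.*\)"$/\1/'
}

# Return 0 when the entries look usable; otherwise print each problem and return 1.
check_perception_conf() {
    conf=$1
    rc=0
    url=$(conf_get "$conf" PER_API_URL)
    token=$(conf_get "$conf" PER_AUTH_TOKEN)

    # The token travels in a request header, so the endpoint must be HTTPS.
    case $url in
        https://*) ;;
        *) echo "PER_API_URL must be an https:// URL"; rc=1 ;;
    esac
    # The Authorization header value on this page has the form "Token <key>".
    case $token in
        "Token "?*) ;;
        *) echo "PER_AUTH_TOKEN must look like 'Token <key>'"; rc=1 ;;
    esac
    # The file stores a credential: it should not be readable by group or other.
    mode=$(stat -c '%a' "$conf" 2>/dev/null || stat -f '%Lp' "$conf")
    case $mode in
        *00) ;;
        *) echo "$conf has mode $mode; restrict it (for example chmod 600)"; rc=1 ;;
    esac
    return $rc
}
```

Source the script and run `check_perception_conf /opt/lc/conf/blucluster.conf` before restarting the service; it prints nothing when all three checks pass.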

5. **Restart Service**

   Restart the log collector service:

   ```
   sudo systemctl restart blu_gc.service
   ```

6. **Verification**

   - Check the temporary directory (/opt/lc/temp) for any log files generated during the integration process, and check in S3.

