The content on this page deals with a legacy feature of the Akamai Identity Cloud. If you are currently an Identity Cloud customer and are using SIEM event delivery, that feature is still supported. However, if you’re new to the Identity Cloud, SIEM event delivery is no longer available.

To understand this API's various URL resources and the data it exchanges, it helps to be familiar with the following concepts:

  • Amazon S3 bucket. Amazon Web Services storage location where SIEM event messages are delivered. You need to use SFTP and a public key to log in to the S3 bucket and download those messages. Note that you must use the bucket assigned to you by Identity Cloud for your SIEM data feeds. There's no way to reroute SIEM event deliveries to a different S3 bucket or a different location. See Configure Amazon S3 buckets for more information.

  • Blocklist. List of SIEM events that don’t result in event notifications. By default, any SIEM event that takes place triggers a notification. However, if there are events you don’t care as much about (for example, you don't need a notification any time a user verifies their email address) you can place that event on the blocklist. Events on the blocklist don’t result in event notifications. If you later change your mind you can use the SIEM event delivery service API to remove an event from the blocklist.See Block SIEM events for more information.

  • Public key. Public version of a cryptographic key needed to download the event messages from an Amazon S3 bucket. Each user that accesses the S3 bucket must supply a valid public key. Note, however, that no application can be assigned more than 10 public keys. Organizations are responsible for generating, uploading, and maintaining their public keys. See Manage SIEM event public kets for details.

  • SIEM event types. Identity Cloud events that trigger SIEM event notifications. SIEM events represent a small, but useful, subset of the events that take place on an Identity Cloud website or in an Identity Cloud app. See Identity Cloud SIEM events for more information.