newb here…
I noticed the existing LogRhythm SIEM integration is only for Alarms. Has anyone tried creating integration into LR Case Management with the case API? https://docs.logrhythm.com/docs/lrapi/rest-api/case-api
LR has also released some new APIs.
Has anyone looked into these new admin APIs? might need a LR box to get the doco though.
https://docs.logrhythm.com/docs/lrapi/rest-api/administration-api