Setting up AEC Custom Endpoint: Pull Evidence from Any Source

If none of the out-of-the-box Evidence Sources meet your needs, don’t worry! You can set up a Custom Endpoint to automate evidence collection from any source you choose.

Creating a AEC Custom Endpoint is a two-step process: Setting up the Evidence Source Endpoint and then Creating Evidence Automation using that endpoint. Here's a quick guide to get you started.

Setting Up Custom Endpoint as an Evidence Source

Step 1: Navigate to Evidence Sources under Compliance Menu

• Ensure you have Edit access to the Evidence Sources module entitlement.

Step 2: Find and Configure the Custom Endpoint Option

• Scroll to the "Other" section to find the Custom Endpoint option.
• Click the gear icon to configure more evidence sources.

Step 3: Add a Custom Endpoint URL

• Click on Add Custom Endpoint URL.
• You'll be prompted to name your Custom Endpoint and provide the URL.
• If authorization is needed, provide the appropriate header and token.

Example:

• We are pulling back the Build Audit Log from Risk Cloud as evidence.
• Enter https://{subdomain}.logicgate.com/api/v1/audit/build/export/CSV?applicationId={appId}&startDate={yyyy-mm-dd} as the endpoint.
• Provide the API token from your profile for authentication

Creating Automation to Pull Evidence

Step 1: Navigate to Record

• First, go to a record where you've enabled AEC in Workflow.

Step 2: Create a New Automation

• Click on Create New Automation button

Step 3: Select the Evidence Source

• Give your automation a name so it can be uniquely identified. Then, in the Where is this evidence coming from section, select the Custom Endpoint you just created.

Step 4: Complete the Automation Setup

• Continue with the Automation Setup and then click Save.
• See Create and Configure AEC Automation for more details.

Step 5 (Optional): Test the Automation

• Click on the gear icon for your newly created evidence automation and select Run Now to trigger an ad-hoc run to test if Evidence Automation is ran successfully. Troubleshoot based on error messages.
• Otherwise, wait until the evidence automation is scheduled.

Step 6: Check the Evidence Record

• Click on the Evidence Record that's been created to view the file that's been pulled. You can find this in the Collection History or via another Linked Workflow Section on your record.
• There you have it! Your evidence is now available.

Other Notes

Evidence will be pulled in the format specified in the response of the endpoint. For example, if evidence is retrieved as a CSV, it will be in that format, or JSON if that's the response format.