Connecting Mimecast to ContraForce

Mimecast data can be sent to ContraForce by using an API service account. This article will cover how to create the service account and the requirements.

How does the connector work? 

ContraForce can ingest data from Mimecast through a log collector connected to your ContraForce environment. ContraForce will set up and manage this log collector on your behalf. A service account will be created in Mimecast to authenticate with the log collector that feeds data to your ContraForce environment.    

Enable Enhanced Logging in Mimecast

The first step is to enable the Enhanced Logging feature in Mimecast. This feature can be enabled under Administration > Account > Account Settings > Enhanced Logging. More information can be found here.

Creating the Service Account and API Credentials   

A new user is created to function as the service account used with the ContraForce API. Note that the account created needs to have Admin permissions and read access to the items listed below. A summary of the account details that will need to be provided to ContraForce are below. More information can be found here under the Creating a Service Account User and Generate Access and Secret Key sections.

Account Read Access Requirements

  • Audit Logs: Account | Logs
  • URL Protect logs: Monitoring | URL Protection
  • Impersonation Protect: Monitoring | Impersonation Protection
  • Attachment Protect: Monitoring | Attachment Protection
  • Secure Email Gateway: Gateway | Tracking

Account Details 

As you are creating the service account, remember to save the details listed below. They will be needed by the ContraForce Security Engineering team.

  • Email (contraforce.api@companydomain.com)
  • Password
  • Application Id
  • Application Key
  • Access Key
  • Secret Key

If you have any questions about this process, please contact the ContraForce Support Team. We are more than happy to walk through the configuration process with you!