In the Moveworks Gov environment, we have a need to be able to ingest the Configuration and Permissions logs into our corporate SIEM. Currently, those logs are only available in the Moveworks Console.
As part of our CMMC requirements to authorize Moveworks to handle CUI data, we need to have a centralized location for all of our logs to be ingested and monitored by our SOC.
We are already ingesting the logs that are available to us for API calls but adding a mechanism to also be able to ingest these logs into an external system is likely a requirement for many other CMMC accredited companies. As an example, log entries such as someone being elevated to a Super Admin would be the type of activity that our SOC needs to be able to monitor across all of our SaaS applications.