Configure Proofpoint TAP for Arctic Wolf monitoring

You can configure Proofpoint Targeted Attack Protection (TAP) to send the necessary logs to Arctic Wolf® for security monitoring.

Generate Proofpoint TAP service credentials

Sign in to the TAP dashboard.
Click Settings > Connected Applications.
Click Create New Credential.
Enter a name for the new credential set.
Click Generate.
Copy the Service Principal and Secret, and then save them in a safe, encrypted location. You will provide them to Arctic Wolf later.

Sign in to the Arctic Wolf Unified Portal.
In the navigation menu, click Data Collection > Cloud Sensors.
Click Add Account +.
On the Add Account page, click Proofpoint TAP.
Configure these settings:
- Account Name — Enter a unique and descriptive name for the account.
- Principal — Paste the appropriate value from Generate Proofpoint TAP service credentials.
- Secret — Paste the appropriate value from Generate Proofpoint TAP service credentials.
- Credential Expiry — (Optional) Enter the credential expiration date, if applicable.
Click Test and submit credentials.