I created my HTTP Source with HMAC authentication for CrowdStrike Falcon alerts but am receiving a 403 error.
HMAC authentication is not currently supported for this integration. Although it is less secure, a workaround is to use Shared secret authentication for your log source, with the key/value being x-cs-signature-algorithm: HmacSHA256
.
HMAC authentication is not currently supported for this integration, as CrowdStrike includes a custom header that we don't support yet.