Issue

I created my HTTP Source with HMAC authentication for CrowdStrike Falcon alerts but am receiving a 403 error. 

Resolution

HMAC authentication is not currently supported for this integration. Although it is less secure, a workaround is to use Shared secret authentication for your log source, with the key/value being x-cs-signature-algorithm: HmacSHA256.  

Cause

HMAC authentication is not currently supported for this integration, as CrowdStrike includes a custom header that we don't support yet.