This section explains how to integrate the data in the audit log, a record of all system activity, with your security information and event management (SIEM) products.
SIEM Integration Structure
The characteristics and functionality of an integration can be adjusted as needed using the following path: Company > Company Settings > SIEM Integrations.
The name of the integration.
The type of the integration.
Active or Inactive status of the integration.
The creation date of the integration.
Edit or delete an integration
Creating New Integration
From the main menu, go to Company > Company Settings > SIEM Integrations. Then click on the + NEW button to create a new SIEM configuration.
The information on the SIEM configuration edit page is detailed in the table below.
SIEM configuration name
Select this option to ensure that all data in the audit log will be transferred to your SIEM solution.
TIP:If this feature is inactive, only the audit log data recorded after defining the SIEM integration will be transferred to your SIEM solution.
SIEM integration type.
The next section describes how to initiate an integration.
The platform supports the following SIEM products, please click on it to view the related documentation.