SIEM Integrations
This section explains how to integrate the data in the audit log, a record of all system activity, with your security information and event management (SIEM) products.
SIEM Integration Structure
The characteristics and functionality of an integration can be adjusted as needed using the following path: Company > Company Settings > SIEM Integrations.
Integration Name: The name of the integration.
Integration Type: The type of the integration.
Status: Active or Inactive status of the integration.
Date Created: The creation date of the integration.
Action: Edit or delete an integration.
Creating New Integration
From the main menu, go to Company > Company Settings > SIEM Integrations. Then click on the + NEW button to create a new SIEM configuration.
The information on the SIEM configuration edit page is detailed in the table below.
Configuration Details
Integration Name: SIEM configuration name.
History Logs: Select this option to ensure that all data in the audit log will be transferred to your SIEM solution. TIP: If this feature is inactive, only the audit log data recorded after defining the SIEM integration will be transferred to your SIEM solution.
Integration Type: SIEM integration type.
The next section describes how to initiate an integration.
Integrations
The platform supports the following SIEM products. Click a product to view the related documentation.
FAQ
Q: What kinds of information and logs can be sent from Keepnet to a SIEM such as Sentinel?
A: All audit information and logs under Company > Audit Log are sent to the SIEM server.