SIEM Integrations
Last updated
Last updated
Copyright © Keepnet Labs LTD. All rights reserved.
This section explains how to integrate the data in the audit log, a record of all system activity, with your security information and event management (SIEM) products.
The characteristics and functionality of an integration can be adjusted as needed using the following path: Company > Company Settings > SIEM Integrations.
From the main menu, go to Company > Company Settings > SIEM Integrations. Then click on the + NEW button to create a new SIEM configuration.
The information on the SIEM configuration edit page is detailed in the table below.
The next section describes how to initiate an integration.
The platform supports the following SIEM products, please click on it to view the related documentation.
A: All audit information/logs under Company > Audit Log is sent to the SIEM server.
Integration Name
The name of the integration.
Integration Type
The type of the integration.
Status
Active or Inactive status of the integration.
Date Created
The creation date of the integration.
Action
Edit or delete an integration
Integration Name
SIEM configuration name
History Logs
Select this option to ensure that all data in the audit log will be transferred to your SIEM solution. TIP: If this feature is inactive, only the audit log data recorded after defining the SIEM integration will be transferred to your SIEM solution.
Integration Type
SIEM integration type.