SIEM Configuration
  • 18 Oct 2020
  • 1 Minute To Read
  • Print
  • Share
  • Dark
    Light

SIEM Configuration

  • Print
  • Share
  • Dark
    Light

SecureCircle has direct integration with Splunk and IBM Qradar. SecureCircle also supports any SIEM or Syslog aggregation tool that accepts Syslog input.

siem.png

There is no default SIEM integration. SecureCircle server will log basic information for operations, troubleshooting, and debug. To record all client activity for real-time monitoring, orchestration, and auditing output the detailed activity logs to a SIEM.

To add a SIEM integration, click on SIEM on the left navigation bard. Click on Add Server. Depending on which server type selected, fill in the required information. Click Add.

If your SIEM is not listed but supports standard Syslog input please select Qradar from the Add Server dropbox options.

To Modify a SIEM integration, click on the checkbox field of the server(s) you want to modify. Click the Actions button. Click Modify. Change the appropriate fields and click Modify.

To Delete a SIEM integration, click on the checkbox field of the server(s) you want to delete. Click the Actions button. Click Delete. Click Delete again to confirm.

Was This Article Helpful?