Configuring the main settings for SIEM system integration
To configure the main settings for SIEM system integration:
In the window of the program web interface, select the Settings section, SIEM System subsection.
Turn on the toggle switch next to the name of the Remote Log parameter if it is turned off.
In the Host/IP field, enter the IP address or host name of the server of your SIEM system.
In the Port field, enter the port number used for connecting to your SIEM system.
In the Protocol field, select TCP or UDP.
In the External device ID field, specify the ID of the device on which your SIEM system is installed.
In the Heartbeat field, enter the interval for sending messages to the SIEM system about the status of Kaspersky Anti Targeted Attack Platform components.
Click Apply in the lower part of the window.
The main settings of integration with the SIEM system will be configured.