Configuring the main settings for SIEM system integration
To configure the main settings for SIEM system integration:
- In the window of the program web interface, select the Settings section, SIEM System subsection.
- Select the Activity log and/or Alerts check boxes.
You can select one check box or both check boxes.
- In the Host/IP field, enter the IP address or host name of the server of your SIEM system.
- In the Port field, enter the port number used for connecting to your SIEM system.
- In the Protocol field, select TCP or UDP.
- In the Host ID field, enter the host ID. The host with that ID is specified as the alert source in the log of the SIEM system.
- In the Heartbeat field, enter the interval for sending messages to the SIEM system.
- Click Apply in the lower part of the window.
The main settings of integration with the SIEM system will be configured.
Users with the Security auditor role can only view information about the SIEM system integration settings.
Page top