Scenario: Configuring event export to SIEM systems

This section provides a scenario for configuring the export of events from Administration Server to external SIEM systems. Exporting information about events to external SIEM systems enables administrators of SIEM systems to respond promptly to security system events that occur on a managed device or groups of devices.

Prerequisites

Before you start configuring the export of events in the Kaspersky Security Center Cloud Console:

You can perform the steps of this scenario in any order.

Stages

The process of exporting events to a SIEM system consists of the following stages:

Results

After you configure the export of events to a SIEM system, you can view the export results, provided that you selected the events that you want to export.

See also:

Before you begin

About events in Kaspersky Security Center Cloud Console

About event export

Configuring an event export in a SIEM system

Marking of events for export to SIEM systems in Syslog format

About exporting events using Syslog format

Configuring Kaspersky Security Center Cloud Console for export of events to a SIEM system

Viewing export results
