Scenario: Configuring event export to SIEM systems

Kaspersky Security Center Linux lets you configure event export to SIEM systems by one of the following methods: export to any SIEM system that uses the Syslog format, or export of events to SIEM systems directly from the Kaspersky Security Center database. When you complete this scenario, Administration Server sends events to a SIEM system automatically.

Prerequisites

Before you start configuring export of events in Kaspersky Security Center Linux:

You can perform the steps of this scenario in any order.

The process of exporting events to a SIEM system consists of the following steps:

Results

After configuring export of events to a SIEM system, you can view export results if you selected the events that you want to export.

See also:

About event export

Before you begin

About events in Kaspersky Security Center Linux

About configuring event export in a SIEM system

Marking events of a Kaspersky application for export in the Syslog format

Marking general events for export in Syslog format

Configuring Kaspersky Security Center Linux for export of events to a SIEM system

Exporting events directly from the database

Viewing export results
