Publishing application events to a SIEM system

KSMG can use the Syslog protocol to publish its events to a SIEM system that your organization is already using.

Information about each application event is transmitted as a separate syslog message in the CEF format ("CEF message").

A CEF message containing event information is relayed immediately after the event occurs. The exception is event classes of the ScanLogic group: CEF messages of these classes are relayed after the ScanLogic module has processed the email messages.

By default, export of CEF messages from the application is disabled. You can configure the publication of events to a SIEM system and enable event export.
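On the receiving side, each syslog line has to be split into the standard CEF header and its key=value extension before the SIEM can index it. The following parser is an added example, not code from the application or its documentation. It assumes the standard CEF header layout, and the sample line, vendor, product, class ID and extension fields are constructed placeholders.

```python
import re

# Standard CEF header: seven pipe-delimited fields, then the key=value extension.
HEADER_FIELDS = ("version", "device_vendor", "device_product", "device_version",
                 "event_class_id", "name", "severity")
_KEY = re.compile(r"(?:^|\s)(\w+)=")  # extension key; an escaped "\=" never matches
_ESC = {"n": "\n", "r": "\r"}

def _split_header(body, count):
    """Split off `count` header fields, honouring the \\| and \\\\ escapes."""
    parts, cur, i = [], [], 0
    while i < len(body) and len(parts) < count:
        ch = body[i]
        if ch == "\\" and body[i + 1:i + 2] in ("\\", "|"):
            cur.append(body[i + 1])  # keep the escaped character literally
            i += 2
            continue
        if ch == "|":
            parts.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    return parts, body[i:]

def _unescape(value):
    return re.sub(r"\\(.)", lambda m: _ESC.get(m.group(1), m.group(1)), value)

def parse_cef(line):
    """Parse one syslog line carrying a CEF message into a dict."""
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF payload in syslog message")
    parts, ext = _split_header(line[start + 4:], len(HEADER_FIELDS))
    if len(parts) != len(HEADER_FIELDS):  # the pipe after Severity is required
        raise ValueError("truncated CEF header")
    event = dict(zip(HEADER_FIELDS, parts))
    event["syslog_prefix"] = line[:start].strip()
    keys = list(_KEY.finditer(ext))
    ends = [m.start() for m in keys[1:]] + [len(ext)]  # a value runs to the next key
    event["extension"] = {m.group(1): _unescape(ext[m.end():end].strip())
                          for m, end in zip(keys, ends)}
    return event

# Constructed sample: all header and extension values are placeholders.
SAMPLE = (r"<14>Jan 15 10:22:31 mailgw01 CEF:0|ExampleVendor|ExampleProduct|1.0|"
          r"example_event|Rule matched \| message skipped|3|"
          r"msg=subject contains a\=b src=192.0.2.10 suser=alice@example.com")

if __name__ == "__main__":
    print(parse_cef(SAMPLE))
```

Rejecting lines with a truncated header, rather than indexing them partially, keeps malformed or cut-off messages from producing misleading events in the SIEM.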

In this Help section

Configuring publication of application events to a SIEM system

Configuring export of events in CEF format

Contents and properties of syslog messages in the CEF format

Content and properties of audit event syslog messages in CEF format
