Publishing application events to a SIEM system

Kaspersky Web Traffic Security can use the Syslog protocol to publish events that occur during the operation of the application to a SIEM system that your organization is already using.

Information about each application event is transmitted as a separate syslog message in the CEF format ("CEF message").

A CEF message with information about an event is transmitted immediately after the event occurs.

By default, export of CEF messages in the application is disabled. You can configure the publication of events to a SIEM system and then enable the export of events.

In this Help section

Configuring the publishing of application events to a SIEM system

Configuring event export in the CEF format

Contents and properties of syslog messages in the CEF format
