Kaspersky Security Integration with SIEM is designed for the integration of Kaspersky Security for Microsoft Office 365 with Splunk Enterprise within the framework of the functionality described in this Help document.
To use Kaspersky Security Integration with SIEM, you must install the integration components and connect them to Kaspersky Business Hub, create an integration with Splunk Enterprise, specify connection parameters and integration settings, and select your customers' companies for the integration.
By using the product, you agree that said product may receive data from Splunk Enterprise and the connected companies, as well as store, process, and display information that is intended for ensuring product functionality.
By creating an integration and connecting Splunk Enterprise and companies to the product, you thus confirm that you are the sole owner of any data you provide or that you are entitled to provide any data.
For the purpose of integration of Kaspersky Business Hub and Splunk Enterprise, Kaspersky Security Integration with SIEM may receive, store, and process the following types of data:
The above data (specifically, data required to connect to the integrated software and integration settings) is transferred from Kaspersky Security Integration with SIEM to Kaspersky Business Hub. This data is processed there and is stored according to the terms and conditions of the Privacy Policy of Kaspersky Business Hub.
The data that Kaspersky Business Hub receives from Kaspersky Security Integration with SIEM is transferred to the Kaspersky Security for Microsoft Office 365 workspace. This data is processed there and is stored according to the terms and conditions of the agreements that were accepted during the workspace creation.
All received data is used by the MSP administrators and technicians. Kaspersky Technical Support specialists may also use the above data when an MSP administrator contacts Technical Support.
Page top