Kaspersky Anti Targeted Attack Platform can publish information about user actions in the application web interface as well as alerts to your organization's SIEM system using the Syslog protocol.
You can use TLS encryption for data transmission.
If you have deployed the Central Node and Sensor components as a cluster, you can configure high availability integration with an external system using one of the following options:
To configure high availability integration with an external system using the Round Robin function:
Integration with the external system is configured based on the domain name. The external system will communicate with a random server in the cluster. If this server fails, the external system will communicate with another healthy server in the cluster.