This is general guide on how to access the SIEM Integration setting.
Plan Availability
Sharetru's SIEM integration is available for the following plans:
- Performance on the Standard Security Platform (Standard)
- Enterprise (non-legacy) (Standard)
- Legacy dedicated server plans on the Standard Security Platform
- Performance on the Advanced Security and Compliance Platform (ASCA)
- Enterprise (non-legacy) (ASCA)
- Legacy dedicated server plans on the ASCA platform
How to Access SIEM Integration
The SIEM integration page is reached via Settings menu, Integrations - SIEM.
When your SIEM feature is first enabled, the page will have no SIEM information:
Select the Service to use/implement/configure from the drop-down.
Note: The data sent to you SIEM system mirrors the events available in the Sharetru API. See your API documentation for detailed information on event types and values.
* Please see our dedicated Knowledge Base articles on each of the SIEM integrations we
support.
IBM QRadar
Manage Engine Log 360
Microsoft Sentinel DCE
Open Text ArcSight
Splunk HEC
Sumo Logic
Syslog