- Using dashboards
- Managing users, devices, and groups
- Managing threats detected by CylancePROTECT Desktop
- Managing threats detected by CylancePROTECT Mobile
- Managing safe and unsafe lists for CylancePROTECT Desktop and CylancePROTECT Mobile
- Add a file to the CylancePROTECT Desktop global quarantine or global safe list
- Add a file to the CylancePROTECT Desktop local quarantine or local safe list
- Add a certificate to the CylancePROTECT Desktop global safe list
- Add an app, certificate, IP address, or domain to a CylancePROTECT Mobile safe or restricted list
- Analyzing data collected by CylanceOPTICS
- Using CylanceOPTICS to detect and respond to events
- Managing user risk with CylancePERSONA Desktop
- Monitoring network connections with CylanceGATEWAY
- View mobile OS vulnerabilities
- Auditing administrator actions
- Managing logs
- Send events to a SIEM solution or syslog server
- Enable access to the Cylance User API
- Troubleshooting Cylance Endpoint Security
- BlackBerry Docs
- Cylance Endpoint Security
- Administration
- Cylance Endpoint Security Administration Guide
- Send events to a SIEM solution or syslog server
Send events to a SIEM solution or syslog server
Security Information and Event Management (SIEM) software collects, analyzes, and aggregates security data from multiple sources to detect potential security threats. You can choose to send the events detected by
Cylance Endpoint Security
solutions to your organization’s SIEM software or syslog server. The alert data that is sent to a SIEM or syslog server is the same alert data that is displayed in the management console. For more information about the specific events reported by Cylance Endpoint Security
solutions, see the Syslog Guide.- In the management console, on the menu bar, clickSettings > Application.
- Select theSyslog/SIEMcheck box.
- Select the events that you want to send to your organization's SIEM or syslog integration. For more information about each event type, see the Syslog Guide.
- Specify the information for your SIEM or syslog integration. For more information, see the Syslog Guide.
- ClickTest Connectionto verify the settings.
- ClickSave.