Send events to a SIEM solution or syslog server

Security Information and Event Management (SIEM) software collects, analyzes, and aggregates security data from multiple sources to detect potential security threats. You can choose to send the events detected by Cylance Endpoint Security solutions to your organization’s SIEM software or syslog server. The alert data that is sent to a SIEM or syslog server is the same alert data that is displayed in the management console. For more information about the specific events reported by Cylance Endpoint Security solutions, see the Syslog Guide.
  1. In the management console, on the menu bar, click Settings > Application.
  2. Select the Syslog/SIEM check box.
  3. Select the events that you want to send to your organization's SIEM or syslog integration. For more information about each event type, see the Syslog Guide.
  4. Specify the information for your SIEM or syslog integration.
  5. Click Test Connection to verify the settings.
  6. Click Save.