
CB Defense: Can the information sent to SIEMs be configured or modified?

Environment

  • CB Defense Web Console: All Versions
  • CB Defense SIEM Connector: All Versions

Question

Can the information that is sent to the SIEMs be configured?
  • For example: Add the Threat Category information from the CBD web console to the feed of information sent to the SIEM

Answer

At this time, the only configuration allowed for the SIEM output is which types of events are sent, as configured in the Notification settings. It is not possible to modify what information is sent inside those events.

Additional Notes

There is an open feature request in Idea Central to add this capability to the product: More Complete Logging of Events to SIEM through Connector Notifications

Article Information

Creation Date: 02-25-2019