Environment
- CB Defense Web Console: All Versions
- CB Defense SIEM Connector: All Versions
Question
Can the information that is sent to the SIEMs be configured?
- For example: Add the Threat Category information from the CBD web console to the feed of information sent to the SIEM
Answer
At this time, the only configurations allowed for the SIEM output is what type of events are sent, configured in the Notification settings. It is not possible to modify what information is sent inside of those events.
Additional Notes
Related Content