Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

CBC: What are the sizing requirements when the Data Forwarder sends alert information to a SIEM

CBC: What are the sizing requirements when the Data Forwarder sends alert information to a SIEM

Environment

  • CBC Console: All versions.
  • Endpoint Standard sensor: All versions.
  • EEDR sensor: All versions.
  • SIEM: All vendors, all versions.

Question

What are the sizing requirements when the Data Forwarder sends alert information to a SIEM?

Answer

There are no hard numbers in bytes, since the data forwarded is configurable (both for analytics and watchlist alerts).
Details can be found in this documentation: Data Forwarder Fields

Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎08-10-2022
Views:
67
Contributors