Integration with SIEM

This integration allows for the transfer of information from Platform’s event log to syslog, in order to timely notify the internal infrastructure services of the client about potential issues.

Warning

Only the System Administrator can configure the data transfer to syslog.

Data transfer is configured separately for each tenant. To configure event transfer, follow these steps:

• click “Event Log” in the left panel;

  

• in the upper left corner, click on the line “Syslog data transfer”;

• in the opened window, fill in the fields:

  • “IP” — the IP address of the syslog service server;

  • “Port” — the port of the syslog service.

  

• switch the toggle to the right position to send data to syslog;

• Click ‘Apply’.

Data transfer states:

• “Not configured” — the “IP” and “Port” fields are not filled in;

  

• “Not activated” — the “IP” and “Port” fields are filled in, but the toggle “Send data to syslog” is in the left position. To start the transfer, switch it to the right position;

  

• “Activated” — data transfer is enabled and working;

  

• “Error” — an error occurred during data transfer. Click on the line to open the window and see the full text of the error. If an error occurs with an activated working integration, the system will send a notification.

  

• “Connecting…” - sending data during startup.