Send Security Alerts to SIEM

Manually send security alerts from IoT Security through Cortex XSOAR to SIEM.

From the IoT Security portal, send a security alert to SIEM from the Alerts > Security Alerts page. You can also do this in the Actions menu in the Alert section on the Device Details page.

By integrating IoT Security through Cortex XSOAR with a third-party SIEM server, XSOAR automatically exports data about devices, security alerts, and device vulnerabilities in periodic incremental updates from IoT Security to SIEM. Therefore, it might be unnecessary to send a security alert to SIEM manually. However, if you haven’t performed a bulk export to SIEM and you want to send a security alert that wasn’t exported through the automatic incremental update process, then you can use this option to send it manually.

  1. Log in to the IoT Security portal and select an alert on Alerts > Security Alerts > All Alerts.
  2. Click More > Send to > SIEM.
    IoT Security sends the security alert in Common Event Format (CEF) through Cortex XSOAR to the SIEM server.
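
To check on the SIEM side that a manually sent alert arrived intact, a received CEF line can be parsed as in the following added example, which is not Palo Alto Networks code. The sample line, its vendor and product names, and its extension keys are constructed placeholders, not the fields IoT Security actually emits.

```python
import re

# Constructed sample line (syslog prefix + CEF). Vendor, product and extension
# values are placeholders, not the fields IoT Security actually emits.
SAMPLE = (r"<134>Jan  1 00:00:00 xsoar-host CEF:0|ExampleVendor|ExampleProduct|1.0|"
          r"alert-001|Suspicious \| outbound traffic|8|"
          r"src=10.0.0.5 dvchost=camera-01 msg=Login failed user\=admin "
          r"path C:\\tmp cs1Label=alert id cs1=abc123")

HEADER = ("version", "vendor", "product", "device_version",
          "event_class_id", "name", "severity")
KEY = re.compile(r"(?:^|\s)(\w+)=")  # extension key: word chars before an unescaped '='

def split_header(body):
    """Return the 7 pipe-terminated header fields (unescaped) and the raw extension."""
    fields, cur, i = [], [], 0
    while i < len(body) and len(fields) < len(HEADER):
        ch = body[i]
        if ch == "\\" and i + 1 < len(body):   # \| and \\ are literal characters
            cur.append(body[i + 1])
            i += 2
            continue
        if ch == "|":
            fields.append("".join(cur))
            cur = []
        else:
            cur.append(ch)
        i += 1
    if len(fields) < len(HEADER):
        raise ValueError("truncated CEF header")
    return fields, body[i:]

def unescape_ext(value):
    r"""Undo extension escaping: \= \\ and the \n / \r newline forms."""
    special = {"n": "\n", "r": "\r"}
    return re.sub(r"\\(.)", lambda m: special.get(m.group(1), m.group(1)), value)

def parse_cef(line):
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("not a CEF record")
    fields, ext = split_header(line[start + 4:])
    event = dict(zip(HEADER, fields))
    keys = list(KEY.finditer(ext))
    # Each value runs from its '=' to the start of the next key, so it may contain spaces.
    for m, nxt in zip(keys, keys[1:] + [None]):
        end = nxt.start() if nxt else len(ext)
        event[m.group(1)] = unescape_ext(ext[m.end():end])
    return event
```

A record that fails with "truncated CEF header" was usually cut by a syslog size limit or a relay in between, which is worth ruling out before concluding that the alert was not sent.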
