Device Security
Send Security Alerts to SIEM
Table of Contents
Send Security Alerts to SIEM
Manually send security alerts from Device Security through Cortex XSOAR to
SIEM.
| Where Can I Use This? | What Do I Need? |
|---|---|
|
One of the following subscriptions:
One of the following Cortex XSOAR setups:
|
From Device Security, send a security alert to SIEM from the
Alerts Inventory page. You can also do this in the Actions menu in the Alert section
on the Device Details page.
By integrating Device Security through Cortex XSOAR with a third-party SIEM server,
Cortex XSOAR automatically exports data about devices, security alerts, and device
vulnerability in periodic incremental updates from Device Security to SIEM. Therefore,
it might be unnecessary to send a security alert to SIEM manually. However, if you
haven’t performed a bulk export to SIEM and you want to send a security alert that
wasn’t exported through the automatic incremental update process, then you can use
this option to send it manually.
Strata Cloud Manager
Manually send security alerts from Device Security in Strata Cloud Manager through
Cortex XSOAR to SIEM.
- Log in to the Device Security portal and select an alert on .Click .
![]()
Device Security sends the security alert in Common Event Format (CEF) through Cortex XSOAR to the SIEM server.
Legacy IoT Security
Manually send security alerts from the Device Security portal through
Cortex XSOAR to SIEM.
- Log in to the Device Security portal and select an alert on .Click .
![]()
Device Security sends the security alert in Common Event Format (CEF) through Cortex XSOAR to the SIEM server.
