Configuring integration with an SIEM system

Kaspersky Anti Targeted Attack Platform can publish alerts to a SIEM system already in use at your organization using the Syslog protocol.

You can use TLS encryption for data transmission.

In this Help section

Enabling and disabling event logging to a local log

Enabling and disabling event logging to a remote log

Configuring the main settings for SIEM system integration

Enabling and disabling TLS encryption of the connection with the SIEM system

Uploading a TLS certificate

Content and properties of syslog messages about alerts

Page top