SIEM support with Unified Log Streamer
Stream EAA data feeds into your SIEM. It's common for organizations with a mature security environment to have a Security Operations Center (SOC) that leverages security information and event management (SIEM) tools. A SIEM provides a centralized view for security teams to access and analyze security information from a large number of sources, and to prioritize mitigation efforts based on risk profiles.
EAA Unified Log Streamer (ULS) allows you to stream EAA data feeds into your SIEM. There is no need to learn the API, so you can get started immediately.
Key features:
- Continuous streaming to SIEM using TCP, UDP, HTTP, or flat file
- Highly customizable
- Choose between different EAA feeds
- Filter any data you want to discard before sending it to SIEM
- Operate as standalone script, service, Docker container image, or Kubernetes/Helm
- No extra charge
The ULS GitHub project contains detailed instructions for setting up and operating ULS with your SIEM.
Updated over 2 years ago