Introduction to SIEM event delivery
The world is a busy place, and the Akamai Identity Cloud is no exception. New users come to your website and create accounts. Existing users come back to your website and log on. Users change their addresses and forget their passwords; support personnel create new entity type schemas and modify existing entity type schemas. As an Identity Cloud administrator, the list of event types that might be of interest to you goes on and on.
And on.
Anytime one of these events occurs, the Akamai Identity Cloud tracks what happened, and when (and where and ...). In turn, this information is stored in an events database, a tool that Akamai uses to do such things as help monitor performance and trends, help spot potential security issues, and help plan for future improvements to the product.
That's great for Akamai, but what about Akamai customers? Well, the good news is that a subset of these events has always been made available to Identity Cloud subscribers. The not-so-good news? As a general rule, accessing these events hasn't always been easy (especially if you were interested in getting a copy of the raw data). Likewise, describing the events made available to customers as a "subset of events" has been very apt: organizations have only been given access to a handful of events, most of which involved user logins and registrations. There's nothing wrong with that: user logins and registrations are events organizations need to know about. At the same time, however, administrators are interested in more than just user logins and registrations. For better or worse, getting a handle on everything that takes place in the Identity Cloud (all the API clients that were created or deleted, all the entity types that were purged, all the access tokens that were granted) hasn't always been easy.
To say the least.
Fortunately, and thanks to the new General Event Delivery service, those two problems (a lack of event types and difficulty accessing those events) are largely a thing of the past. For one thing, the General Event Delivery service will soon triple the number of events available to organizations, with even more event types on the way. On top of that, there are several different ways to access this event information, starting with the subject of this documentation: SIEM Event Delivery.
Before you ask, SIEM (pronounced "sim") is short for Security Information and Event Management, and is a recognized standard for aggregating, and analyzing, events within an IT organization. For more information, see the article SIEM event details.