Skip to main content

Illumio Core 22.2 Administration Guide

SIEM Integration for Events

For analysis or other needs, event data can be sent using syslog to your own analytics or SIEM systems.

About SIEM Integration

This guide also explains how to configure the PCE to securely transfer PCE event data in the following message formats to some associated SIEM systems:

JavaScript Object Notation (JSON), needed for SIEM applications, such as Splunk®.
Common Event Format (CEF), needed for SIEM applications, such as Micro Focus ArcSight®.
Log Event Extended Format (LEEF), needed for SIEM applications, such as IBM QRadar®.

Illumio Tools for SIEM Integration

Illumio offers other tools for SIEM integration.

Illumio App for ServiceNow:

Software: Illumio App for CMDB
Documentation: Illumio App for ServiceNow 1.4.0

Was this helpful?

Would you like to provide feedback? Just click here to suggest edits.