Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Getting started with SIEM Integration
Getting started with SIEM Integration
Forcepoint Cloud Protection Solutions | Getting started with SIEM Integration
Administrators using Forcepoint Web Security Cloud have the option to download reporting data for use by a third-party Security Information and Event Management (SIEM) solution.
Once you have enabled SIEM logging in the Forcepoint Security Portal, you can schedule a regular process to download the logs and save them to a location of your choice. Logs are retained in the cloud service for 14 days.
 
Important 
Once the feature has been enabled for your account, follow the steps in this paper to set up and use SIEM logging. See:
1.
Setting up SIEM integration provides step-by-step instructions for setting up SIEM logging in the Forcepoint Security Portal, accessing the log files, and understanding the sample download script.
2.
Schedule log file download describes the issues you must be aware of when downloading the logs, and how to schedule the download process.
3.
File format definition for SIEM logging describes the contents of a log file, with examples.
If you encounter unexpected issues while setting up SIEM logging, see Troubleshooting SIEM logging.

Go to the table of contents Go to the previous page Go to the next page View or print as PDF
Getting started with SIEM Integration
Copyright 2020 Forcepoint. All rights reserved.