Jump to content
Kaspersky Support Forum

KSC Integration SIEM - Data format not configurable

siem.f

By siem.f
in Kaspersky Security Center

 Share

Recommended Posts

siem.f

siem.f

Posted
Posted

Hi,

I need to configure a KSC to send logs to the Elastic SIEM (ELK). The logs must be in CEF format but the "Data Fomart" field cannot be modified. Why? Is it because Kaspersky is in the cloud? It's remain System Log

image(1).thumb.png.7a33f6d6407692f237422972abd64b42.png

 

Guide for KasperskySecurity Center (About exporting events using CEF and LEEF formats (kaspersky.it)) tell me how change data format, guide for Security Center Cloud Console (Configuring Kaspersky Security Center Cloud Console for export of events to a SIEM system) no. Why?

Thanks.

JL - KL DACH

JL - KL DACH

Posted
Posted

Hello,

this is by design of the cloud product. You can only use syslog.

regards

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
 Share
Go to topic listing


×
×
  • Create New...