KSC Integration SIEM - Data format not configurable

siem.f · May 10

Hi,

I need to configure a KSC to send logs to the Elastic SIEM (ELK). The logs must be in CEF format but the "Data Fomart" field cannot be modified. Why? Is it because Kaspersky is in the cloud? It's remain System Log

Guide for KasperskySecurity Center (About exporting events using CEF and LEEF formats (kaspersky.it)) tell me how change data format, guide for Security Center Cloud Console (Configuring Kaspersky Security Center Cloud Console for export of events to a SIEM system) no. Why?

Thanks.

JL - KL DACH · May 14

Hello,

this is by design of the cloud product. You can only use syslog.

regards

KSC Integration SIEM - Data format not configurable

Recommended Posts

siem.f

Link to comment

Share on other sites

JL - KL DACH

Link to comment

Share on other sites

Please sign in to comment

Forum

Products

Support

Personal Account