SIEM integration is available for enterprise plans only.
The following Intezer Protect events can be exported to SIEM:
- Newly registered assets
- Assets that became offline
How it works
Intezer Protect exports events via a webhook over HTTPS in a generic JSON format. Some SIEM systems accept HTTPS natively, others require to transform the events into SIEM specific format before events are sent to the SIEM.
You can set up one or multiple webhooks under your account.
For integrations with a specific SIEM system, please contact us at firstname.lastname@example.org.