search cancel

Forwarding metadata to SIEM tool

book

Article ID: 241148

calendar_today

Updated On:

Products

Security Analytics Security Analytics - VA

Issue/Introduction

The metadata may be wanted on a SIEM tool for external use.  This can be done but is not recommended.

Resolution

Security Analytics has an API which can be used to access the Analyze Summary reports.  A report may then be run and the data collected using the raw.tsv format. 

This may not be complete because the timing of gathering the reports may leave gaps.  The system can be overloaded if too much is requested.  This functionality is not recommended except for a very small amount of metadata.