AnsweredAssumed Answered

Questions About SIEM Integration With Security Analytics

Question asked by tpGrcF6bS0UrJKqKMMVl3A8Kgm9FCPrUcWw5QTN3wag= on Jan 14, 2015
Latest reply on Jan 15, 2015 by tpGrcF6bS0UrJKqKMMVl3A8Kgm9FCPrUcWw5QTN3wag=

Hi,

 

I don't have the SA product or any SA documentation.  I also don't see any official SA documentation (for installation, configuration, administration) on this community site.  If these items are here, please help me find them.  But my questions are:

 

1)  How does SA integrate with common SIEMs?  Via SOAP?  Files?  TCP?  I am talking about SIEMs such as ArcSight, FireEye, Splunk, AlienVault, and QRadar. 

 

2)  About how long does it take to integrate a single SIEM data source into SA?

 

Thanks.

Outcomes