SIEM Integration – Attaching Custom Fields to Every Event

Posted by jonathango on August, 18, 2022

Administrators can now define custom fields to be added to every event forwarded to SIEM platforms 

Organizations’ SIEM platforms are part of critical IT security processes. To support these automated processes, the data received from the security vendor is often not enough and additional custom tagging is required.

Administrators can now define up to five fields and values to be added to every forwarded event, so these events can be properly managed and cataloged.

This is especially useful for MSPs and large global organizations, with several portals forwarding events to the same SIEM platform.

To do that, go to Configuration -> Security Engines -> SIEM Integration -> Configuration -> Add custom field.