To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.
get logs/API
StevenGE
Posts: 11 Security Scout
Hi, I am using the PSB services and I am creating a SOC. we would like to be able to get the information from the PSB into our SOC... is it possible? essentially, we would like to get the AV, update & firewall events. If the PSB cannot send them is it possible to get this information from the workstations? thanks for your help.
0
Comments
-
Hi Steven,
It would be great if we could set a syslog server in a PSB profile and have PSB clients pump all the logs straight into a SIEM, but this isn't possible.
The best that is available is the WMI provider, but it doesn't provide anything like the detail you will require for a SOC:
6 -
Thanks. I did not know about this. it is a start... may be I'll be able to send notifications by email than catch them in the SOC... Still hoping for this functionality though...0
This discussion has been closed.
Categories
- All Categories
- 4.7K WithSecure Community
- 3.6K Products
- 1 Get Support