cancel
Showing results for 
Search instead for 
Did you mean: 
Post a Question

How to integrate antibot and antivirus event with RSA SA(SIEM) TOOL

we are working on SIEM tool and also integrated checkpoint management logs with our Tool.also using smart event server . now we need to integrate Antibot,antivirus and threat emulation event with rsa sa (siem )tool.

please help on this. i am also checking DXL as well. is any other way to intigrate Antibot and antivirus event with RSA SA .

0 Kudos
3 Replies
Admin
Admin

Re: How to integrate antibot and antivirus event with RSA SA(SIEM) TOOL

All the logs for all the various Next Generation Threat Prevention technologies should be available via LEA.

I assume you've already done something similar to this: 000026235 - How to integrate Check Point Provid... | RSA Link 

0 Kudos

Re: How to integrate antibot and antivirus event with RSA SA(SIEM) TOOL

But this intigration steps not fetch antibot ,antivirus or other blade events

0 Kudos

Re: How to integrate antibot and antivirus event with RSA SA(SIEM) TOOL

Check Point and RSA are working together to add support in RSA SA for the threat prevention blades. Same for McAfee. Sorry can't provide a delivery date. See Yonatan's reply in R80.10 Opsec Lea issue.

0 Kudos