9.6 SIEM Integration

SIEM integration with Filr has made Filr more secure and robust. Filr Administrator can enable or disable the SIEM services on Filr.

9.6.1 SIEM Configuration Dialog

Path: Port 8443 Filr Admin Console System > SIEM

Table 9-6 SIEM Configuration Dialog

Field, Option, or Button

Information and/or Action

  • Enable SIEM

  • By default, this checkbox is disabled.

  • Selecting this, CEF events are generated for login and user activities.

  • Server URL where Zookeeper and Kafka services are running

  • 127.0.0.1:9092 is autopopulated. The IP address of the server where Zookeeper and Kafka services are running.

  • Check Services

  • Click this to check if the Zookeeper and Kafka services are running.