Jump to content
Ernest B

Syslog forward events to a SIEM

Recommended Posts

Hi we have Immunet running on a few windows machines and would like to ingest Immunets event log into a SIEM. I am not able to find any configuration options nor anything in the documentation suggesting that it is possible for Immunet to send out events to a remote syslog server or a SIEM.. For example ClamAV on RHEL producer rich event logs of its activities, like update on the definitions, scan results, etc.. this is the kind of information we are interested in.

 

What are the available options with Immunet and how to set it up, if possible?

Share this post


Link to post
Share on other sites

Hello Ernest B,

To my knowledge Immunet can't be integrated into a System Information and Event Management configuration as a remote protocol.

Immunet would also be incompatible with Red Hat Enterprise Linux since Linux is an Operating System that is not supported. Immunet only supports Microsoft Windows platforms.

Additionally Immunet's history.db files are inaccessible by third-party software. This is a built-in security feature to help keep the files from being corrupted by outside sources.

There is an enterprise version of Immunet called AMP for Endpoints that might better suit your needs! It's "much more customizable" than Immunet. AMP (Advanced Malware Protection) is not free like Immunet but it is reasonably priced and easily deployed to multiple endpoints.

Here's a URL link if you'd like to check it out for yourself. https://www.cisco.com/c/en/us/products/security/amp-for-endpoints/index.html

Regards, Ritchie...

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...

×
×
  • Create New...