SIEM

Integrates with SIEM types such as syslog and Splunk to ingest and visualize data.


SIEM Settings

Enable                    Enable/Disable all log streaming to SIEM

SIEM Type                 Select the SIEM type to push data to. Syslog and Splunk are supported.

Authentication Logs       Enable/Disable authentication logs streaming to SIEM

Web Activity Logs         Enable/Disable web activity logs streaming to SIEM

Gateway Activity Logs     Enable/Disable gateway activity logs streaming to SIEM

Server Activity Logs      Enable/Disable server activity logs streaming to SIEM

SSH Logs                  Enable/Disable SSH logs streaming to SIEM

Parallel Shell Logs       Enable/Disable parallel shell command execution logs streaming to SIEM

RDP Logs                  Enable/Disable RDP access logs streaming to SIEM

Web Proxy Logs            Enable/Disable web proxy logs streaming to SIEM

Web Proxy Activity        Enable/Disable web proxy activity logs streaming to SIEM

Splunk Settings


HTTP Event Collector URL      Splunk's HTTP Event Collector (HEC) URL lets external sources send data to Splunk over HTTP for collection, indexing, and analysis. For example, the URL would be https://<your-splunk-server>:<port>/services/collector/event


HTTP Event Collector Token    The token used to authenticate and authorize data sent to Splunk through the configured HEC.
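
To check the two Splunk settings before enabling streaming, the following added example (not part of the product or of Splunk) validates a HEC URL against the form shown above and sends one test event with the token in the Authorization header. The HEC_TOKEN environment variable, the function names and the test message are assumptions made for this example.

```python
import json
import os
import ssl
import sys
import urllib.request
from urllib.parse import urlparse

HEC_PATH = "/services/collector/event"  # path from the example URL on this page


def check_hec_url(url):
    """Return a list of problems with a HEC URL; an empty list means it looks usable."""
    problems = []
    parts = urlparse(url)
    if parts.scheme != "https":
        problems.append("scheme is not https; token and logs would travel unencrypted")
    if not parts.hostname:
        problems.append("no host in URL")
    if parts.path.rstrip("/") != HEC_PATH:
        problems.append("path is not " + HEC_PATH)
    if parts.username or parts.password or parts.query:
        problems.append("credentials or query string in URL; the token goes in the header")
    return problems


def build_test_request(url, token, event):
    """Build (without sending) a HEC POST that carries one event."""
    body = json.dumps({"event": event}).encode()
    headers = {"Authorization": "Splunk " + token,  # HEC token scheme
               "Content-Type": "application/json"}
    return urllib.request.Request(url, data=body, method="POST", headers=headers)


def send_test_event(url, token):
    """Send one test event and return Splunk's decoded JSON reply."""
    problems = check_hec_url(url)
    if problems:
        raise ValueError("; ".join(problems))
    req = build_test_request(url, token, {"message": "SIEM connectivity test"})
    ctx = ssl.create_default_context()  # verifies the server certificate
    with urllib.request.urlopen(req, timeout=10, context=ctx) as resp:
        return json.loads(resp.read())


if __name__ == "__main__":
    # Usage: HEC_TOKEN=<token> python hec_check.py <HEC URL>
    # HEC_TOKEN is an assumed variable name; it keeps the token off the command line.
    print(send_test_event(sys.argv[1], os.environ["HEC_TOKEN"]))
```

A working endpoint and token return {"text": "Success", "code": 0}; an HTTP 401 or 403 reply points at the token rather than the URL.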