SIEM Mimecast

[Aswin dev]

how to integrate Mimecast in SIEM?

[Anthony Faruna]

Hello Aswin

Thank you for using Wazuh.To ingest logs into Wazuh, you can use Wazuh agent to collect and forward logs to Wazuh manager, or you can configure syslog on a log source (in your case, Mimecast) to forward logs to Wazuh Manager.Looking at the out of the box decoders/rules, you will need to create decoders and rules for the Mimecast log source.Here are some of the links that you can use to configure Wazuh to ingest logs from the Mimecast log source, and also create decoders/rules to parse and alerts you when these logs get to Wazuh.syslog configuration: https://documentation.wazuh.com/current/user-manual/capabilities/log-data-collection/how-it-works.html#log-collection
Decoders/rules: https://documentation.wazuh.com/current/user-manual/ruleset/custom.htmlPlease let me know if this helps!

On Thu, Nov 3, 2022 at 12:03 PM Aswin dev <devpk...@gmail.com> wrote:

how to integrate Mimecast in SIEM?

--
You received this message because you are subscribed to the Google Groups "Wazuh mailing list" group.
To unsubscribe from this group and stop receiving emails from it, send an email to wazuh+un...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/wazuh/944e8366-d47d-4dc2-8b3d-73ee76bdbdcen%40googlegroups.com.