8.7 SIEM Integration

SIEM integration with Filr has made Filr more secure and robust. Filr Administrator can enable or disable the SIEM services on Filr. For more information on SIEM integration, see SIEM Integration with Filr.

8.7.1 SIEM Configuration Dialog

Path: Port 8443 Filr Admin Console System > SIEM

Table 8-7 SIEM Configuration Dialog

Field, Option, or Button	Information and/or Action
Enable SIEM	By default, this checkbox is disabled. Selecting this, CEF events are generated for login and user activities.
Server URL where Zookeeper and Kafka services are running	127.0.0.1:9092 is autopopulated. The IP address of the server where Zookeeper and Kafka services are running.
Check Services	Click this to check if the Zookeeper and Kafka services are running.