Handle Events for System Monitoring and Reporting

The API does not provide endpoints for obtaining and manipulating Deep Security Manager event data. Instead, we encourage you to forward system and security events to an external syslog server or security information and event management (SIEM) server.

SIEMs enable you to effectively act on the event data that you collect. The following typical tasks are easy to implement with a SIEM:

  • Create dashboards to easily monitor the status of your security and recognize problems as they occur.
  • Automate alerting when specific events occur so that you can react quicky.
  • Store event data for the long term so that you can recognize trends and also to adhere to compliance regulations if needed.
  • Amalgamate data to see how events from all of your business systems are affecting each other.

To learn how to integrate Deep Security Manager with a syslog or SIEM, see the Deep Security Help Center.

To learn about events, see Event collection in Deep Security.   See also Generate reports about alerts and other activity.