SIEM (Security Information and Event Management) is a recognized standard for collecting, aggregating, and analyzing events within an IT organization. This documentation provides detailed descriptions of, and step-by-step instructions for, the Identity Cloud's implementation of SIEM. In addition to this set of documents, you might also want to take a peek at the SIEM Event Delivery REST APIs.
In this section of the documentation:
- An Introduction to SIEM Event Delivery
- The General Event Delivery Service Allow List
- An Important Note Concerning Duplicate Events
- Identity Cloud Event Management and Analysis Tools
- Identity Cloud SIEM Events
- How the SIEM Event Delivery Service Works
- Provisioning SIEM Event Delivery
- Adding the Akamai Account ID to the Application
- Activating/Deactivating SIEM Delivery Feeds
- Configuring Amazon S3 Buckets and Public Keys
- Managing Public Keys
- Suppressing SIEM Events
- Retrieving Data from an S3 Bucket
- Using Identity Cloud SIEM Events and SIEM Applications