Ingest Authentication Logs and Data - Administrator Guide - Cortex XSIAM - Cortex - Security Operations

Cortex XSIAM Administrator Guide

Cortex XSIAM
Creation date
Last date published
Administrator Guide

Ingest authentication logs from external authentication services—such as Okta and Azure AD—into authentication stories with Cortex XSIAM.

When you ingest authentication logs and data from an external source, Cortex XSIAM can weave that information into authentication stories. An authentication story unites logs and data regardless of the information source (for example, from an on-premise KDC or from a cloud-based authentication service) into a uniform schema. To search authentication stories, you can use the Query Builder or XQL Search.

Cortex XSIAM can ingest authentication logs and data from various authentication services.