Forward logs from Cortex XSIAM to external services

Cortex XSIAM Documentation

Product: Cortex XSIAM
Creation date: 2024-03-06
Last date published: 2024-09-12
Category: Administrator Guide

Abstract: Learn how to forward logs from Cortex XSIAM to external services such as email, Slack, or a syslog receiver.

You can forward logs from Cortex XSIAM to an external service. This allows you to stay updated on important alerts and events. Available services include the following:

  • Slack channel and/or syslog receiver: Integrate the service with Cortex XSIAM. Once the integration is complete, configure notification forwarding, specifying the log type you want to forward.

  • Email distribution list: Configure notification forwarding, specifying the log type you want to forward.

The following table shows the log types supported for each notification type:

Log Type | Email | Slack | Syslog

  • Alerts

  • Agent Audit log (Notice: Requires Cortex XSIAM per Endpoint)

  • Management Audit log

  • Data Ingestion Health alerts

  • Reports