Does anyone have any experience with exporting the logging data from UMS to a SIEM platform such as LogRhythm? We need to collect the UMS user and Administrator actions and events.
nothing officially implemented, we might expect a change on UMS12, with the upcoming insight service, but nothing I can promise on short term…
Which events are you looking for?
Please upvote: igel.nolt.io/104 igel.nolt.io/104 if not done already.
We’re looking to see which accounts are logging in to the UMS (web)console and see which actions they are taking for auditing purposes, such as creating/changing/removing/(un)assigning profiles, licensing actions and firmware updates
Collect log files from UMS server and follow your tool’s ETL process
ETL = extract transform load
kb.igel.com/endpointmgmt-12.01/en/where-can-i-find-the-igel-ums-log-files-77864314.html
Continue reading and comment on the thread ‘Can we export the logging data from UMS to a SIEM platform?’. Not a member? Join Here!
Learn more, search the IGEL Knowledge Base
Ask a question or comment on the above message thread?
Join or log in to the IGEL Community to ask us anything and meet other IGEL customers, partners, and EUC enthusiasts.Submit a question, or Join Today!