siem-settings

Contains Security Information Event Management (SIEM) integration settings.

API DiscoveryAPI SecurityCloud SecurityPosture ManagementRuntime ProtectionThreat Protection

Properties

Name Type Description
enableForAllPolicies boolean Whether you enabled SIEM for all the security policies in the configuration version.
enableSiem boolean Whether you enabled SIEM in a security configuration version.
enabledBotmanSiemEvents boolean __Deprecated__ Whether you enabled SIEM for the Bot Manager events. Use `exceptions` parameter instead to set botman siem events exception.
exceptions array Describes all attack type exceptions that will be ignored in siem events.
firewallPolicyIds array The list of security policy identifiers for which to enable the SIEM integration.
siemDefinitionId integer Uniquely identifies the SIEM settings.
View JSON Schema on GitHub