siem-settings

Contains Security Information Event Management (SIEM) integration settings.

API DiscoveryAPI SecurityCloud SecurityPosture ManagementRuntime ProtectionThreat Protection

Name	Type	Description
enableForAllPolicies	boolean	Whether you enabled SIEM for all the security policies in the configuration version.
enableSiem	boolean	Whether you enabled SIEM in a security configuration version.
enabledBotmanSiemEvents	boolean	__Deprecated__ Whether you enabled SIEM for the Bot Manager events. Use `exceptions` parameter instead to set botman siem events exception.
exceptions	array	Describes all attack type exceptions that will be ignored in siem events.
firewallPolicyIds	array	The list of security policy identifiers for which to enable the SIEM integration.
siemDefinitionId	integer	Uniquely identifies the SIEM settings.