TEAM: Huntress Managed Security Information and Event Management (SIEM)
PRODUCT: HTTP Event Collector (HEC) Syslog
ENVIRONMENT: Keeper Security
SUMMARY: Configuration Guide for Keeper Security
Vendor Information
Vendor |
Keeper Security |
---|---|
Supported Model Name/Number |
N/A |
Supported Software Version(s) |
N/A |
Collection Method |
HTTP Event Collector |
Provider Name |
Keeper |
Additional Information |
You must be an Account Administrator in Huntress in order to follow the steps below.
Configuration Checklist
-
Create Token
-
Open Huntress Portal
- Click SIEM on the left navigation menu
- Click Source Management
- Click Add Source
- Click Keeper
- Click Add
- Provide a name for the Integration and an optional description.
- Click Save
- Copy the HTTP Event Collector Token value
-
You must have the Administrator role in Keeper in order to follow the steps below.
- Configure Integration in Keeper
- Log into Keeper Admin Console
- Click Reporting & Alerts
- Click External Logging
- Under the Splunk card, click Setup.
- In the Host field, copy the values from the Huntress Token you created in the previous step
- Host: hec.huntress.io
- Port: 443
- Token: Token copied from step 9 above.
- Click "Test Connection"
- If successful, click "Save"