SIEM Stream Creation/Modification In AIS Managed SIEM

Key steps:

  1. Find the AIS Managed SIEM Input you wish to use for the new Stream.
  2. Click “Show Received Messages” next to the desired Input. Copy the Search Query near the top of the page.
  3. Click “Create Stream”.
  4. Add title and Description.
  5. Click checkbox “Remove matches from All Messages” stream.
  6. Click “Save”.
  7. Find the newly created Stream and click “Manage Rules” next to it.
  8. Click “Add Stream Rule”.
  9. In the Field textbox, type gl2_source_input Value textbox.
  10. Use the second part of the Search Query from Step 2. Note: Do not include the colon.
  11. Type the Input Name as the description.
  12. Click “Save”.
  13. Click the radio button on the left side “A message must match at least one of the following rules”.
  14. Click “I’m done!”
  15. Find the newly created Stream and click “Start Stream”.
  16. Click the Stream name to verify that messages are now appearing in the Stream.
AIS Managed SIEM

Cloud-based Security Information and Event Management platform that provides the proactive, preventative maintenance and technology you need to secure your workstations, servers, devices and networks. Multi-Platform Protection for Critical Business-Grade Anti-Virus and Analytics, Enterprise-Grade Anti-Malware Threat Intelligence, Filtering Web Content, Firewall Services, Reviewing firewall rules, Patching the latest vulnerabilities discovered, Inbound and Outbound Email Security.

Last modified April 15, 2021
Get Started Now