Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 

Configuring Lastline Enterprise to Communicate with JSA

 

On the Lastline Enterprise system, use the SIEM settings in the notification interface to specify a SIEM appliance where Lastline can send events.

  1. Log in to your Lastline Enterprise system.
  2. On the sidebar, click Admin.
  3. Click >Reporting > Notifications.
  4. To add a notification, click the Add a notification (+) icon.
  5. From the Notification Type list, select SIEM.
  6. In the SIEM Server Settings pane, configure the parameters for your JSA Console or Event Collector. Ensure that you select LEEF from the SIEM Log Format list.
  7. Configure the triggers for the notification:

    1. To edit existing triggers in the list, click the Edit trigger icon, edit the parameters, and click Update Trigger.

    2. To add a trigger to the list, click the Add Trigger (+) icon, configure the parameters, and click Add Trigger.

  8. Click Save.