Device | Details |
---|---|
Vendor | Microsoft |
Device Type | Threat Analytics |
Connection Type | Syslog |
Data Source Name | microsoft-ata |
Data Source ID | 1850 |
Integrating Microsoft Advanced Threat Analytics (ATA)
To configure Microsoft ATA to send Syslog messages to Sheriff CSM:
- On the ATA Center server, click the Microsoft Advanced Threat Analytics Management icon on the desktop and log in.
- Select the Settings option on the toolbar and choose Configuration.
- Under the Configure syslog notifications section, select Syslog server and fill out the fields:
  - Syslog server endpoint — enter the IP of Sheriff CSM and port 514 if you're using UDP, or 601 if you're using TCP.
  - Transport — select UDP, TCP, or TLS
  - Format — select RFC 3164
- Click Save.
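
An added example, not part of the Sheriff CSM or Microsoft documentation: a Python check to run over syslog payloads captured on the Sheriff CSM side, confirming they carry an RFC 3164 header as selected in the Format field rather than, for instance, an RFC 5424 one. The sample lines, the hostname `atacenter` and the message text are constructed placeholders.

```python
import re
import sys
from datetime import datetime

# RFC 3164 header: <PRI>Mmm dd hh:mm:ss HOSTNAME MSG (day of month is space-padded)
RFC3164 = re.compile(
    r"^<(?P<pri>\d{1,3})>"
    r"(?P<ts>[A-Z][a-z]{2} [ \d]\d \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) (?P<msg>.*)$",
    re.S,
)
# RFC 5424 puts a version number right after the PRI, e.g. "<116>1 2024-..."
RFC5424 = re.compile(r"^<\d{1,3}>\d{1,2} ")
SEVERITIES = ["emerg", "alert", "crit", "err", "warning", "notice", "info", "debug"]

# Constructed sample lines (hostname and message text are placeholders)
SAMPLE_3164 = "<116>Mar  5 09:01:02 atacenter ATA: constructed test message"
SAMPLE_5424 = "<116>1 2024-03-05T09:01:02Z atacenter ATA - - - constructed test message"


def classify(line):
    """Return parsed fields for an RFC 3164 line, or only {'format': ...} otherwise."""
    if RFC5424.match(line):
        return {"format": "rfc5424"}
    m = RFC3164.match(line)
    if not m:
        return {"format": "unknown"}
    pri = int(m["pri"])
    if pri > 191:  # facility 0-23 and severity 0-7 give a maximum of 23*8+7
        return {"format": "unknown"}
    try:
        # RFC 3164 timestamps carry no year; a leap year lets Feb 29 validate
        datetime.strptime("2000 " + m["ts"], "%Y %b %d %H:%M:%S")
    except ValueError:
        return {"format": "unknown"}
    return {
        "format": "rfc3164",
        "facility": pri // 8,
        "severity": SEVERITIES[pri % 8],
        "host": m["host"],
        "msg": m["msg"],
    }


if __name__ == "__main__":
    # Pipe captured syslog payloads on stdin, one message per line
    for raw in sys.stdin:
        print(classify(raw.rstrip("\r\n")))
```
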