- Cloud Collectors Overview
- Administration
- Administrative Access
- Shareable Service Accounts
- Add Accounts for AWS Cloud Collectors
- Add Accounts for Cisco Duo Cloud Collector
- Add Accounts for Google Cloud Collectors
- Add Accounts for Microsoft Cloud Collectors
- Add Accounts for Okta Cloud Collectors
- Add Accounts for Salesforce Cloud Collectors
- Add Accounts for Splunk Cloud Collectors
- Add Accounts for Trend Micro Cloud Collectors
- Add Accounts for Wiz
- Define a Unique Site Name
- Sign Up for the Early Access Program
- Onboard Cloud Collectors
- Abnormal Security Cloud Collector
- Anomali Cloud Collector
- AWS CloudTrail Cloud Collectors
- AWS CloudWatch Cloud Collector
- AWS CloudWatch Alarms Cloud Collector
- AWS GuardDuty Cloud Collector
- AWS S3 Cloud Collector
- AWS Security Lake Cloud Collector
- AWS SQS Cloud Collector
- Azure Activity Logs Cloud Collector
- Azure Log Analytics Cloud Collector
- Azure Event Hub Cloud Collector
- Azure Storage Analytics Cloud Collector
- Box Cloud Collector
- Cato Networks Cloud Collector
- Cisco Duo Cloud Collector
- Cisco Meraki Cloud Collector
- Cisco Secure Endpoint Cloud Collector
- Cisco Umbrella Cloud Collector
- Cloudflare Cloud Collector
- Cribl Cloud Collector
- CrowdStrike Cloud Collectors
- GCP Pub/Sub Cloud Collector
- Google Workspace Cloud Collector
- LastPass Cloud Collector
- Microsoft Defender XDR (via Azure Event Hub) Cloud Collector
- Microsoft Entra ID Context Cloud Collector
- Microsoft Entra ID Logs Cloud Collector
- Microsoft 365 Exchange Admin Reports Cloud Collector
- Supported Sources from Microsoft 365 Exchange Admin Reports
- Migrate to the Microsoft 365 Exchange Admin Reports Cloud Collector
- Prerequisites to Configure the Microsoft 365 Exchange Admin Reports Cloud Collector
- Configure the Microsoft 365 Exchange Admin Reports Cloud Collector
- Troubleshooting the Microsoft 365 Exchange Admin Reports Cloud Collector
- Microsoft 365 Management Activity Cloud Collector
- Microsoft Security Alerts Cloud Collector
- Microsoft Sentinel (via Event Hub) Cloud Collector
- Mimecast Cloud Collector
- Netskope Alerts Cloud Collector
- Netskope Events Cloud Collector
- Okta Cloud Collector
- Okta Context Cloud Collector
- Palo Alto Networks Cortex Data Lake Cloud Collector
- Proofpoint On-Demand Cloud Collector
- Proofpoint Targeted Attack Protection Cloud Collector
- Recorded Future Cloud Collector
- Recorded Future Context Cloud Collector
- Rest API Cloud Collector
- Salesforce Cloud Collector
- SentinelOne Alerts Cloud Collector
- SentinelOne Cloud Funnel Cloud Collector
- SentinelOne Threats Cloud Collector
- SentinelOne Cloud Collector
- ServiceNow Cloud Collector
- Sophos Central Cloud Collector
- Splunk Cloud Collector
- STIX/TAXII Cloud Collector
- Symantec Endpoint Security Cloud Collector
- Tenable Cloud Collector
- Trend Vision One Cloud Collector
- Trellix Endpoint Security Cloud Collector
- Vectra Cloud Collector
- Zoom Cloud Collector
- Zscaler ZIA Cloud Collector
- Webhook Cloud Collectors
- Wiz Issues Cloud Collector
- Wiz API Cloud Collector
- Troubleshooting Cloud Collectors
Define a Unique Site Name
Create unique site names within New-Scale Security Operations Platform to restrict access security data. You can manage multiple sites with distinct access.
Defining unique site names is a way to manage the access you provide to security data from specific sources. Once you create a unique site name, it becomes available to associate with a specific cloud or site collector instance. Event and alert data collected is then tagged with the site name and ID associated with that collector. Defining unique sites allows the following capabilities across your entire organization, including independent IT infrastructures or sites:
Associate logs with the respective site or IT infrastructure by tagging all log sources with the site name during log collection.
Use Search, Dashboard, and Correlation Rules within or across the entire organization, even when multiple sites have overlapping IP addresses.
Use the metadata fields m_sitename and m_siteid to search, correlate, and visualize security data for any defined site.
To create a new site:
Log in to the New-Scale Security Operations Platform with your registered credentials as an administrator or security engineer.
Note
Ensure that you have the appropriate permissions to define the site. For more information, see site management permissions.
Navigate to Settings > Site > Site Management.
The Site Management settings page opens.
At the top right of the page, click Add a New Site. The Add a New Site dialog box opens.
Note
You can create a new site while configuring a cloud collector and updating a site collector instance.
Enter a Site Name, and click Add Site.
A site ID is generated automatically and the new site with a unique name and ID is created. The new site becomes available to associate collectors with so that data collected by either cloud or site collectors is tagged appropriately. The
m_sitenameands_siteidfields are added to all events ingested by the collector associated with a unique site. These fields are available in downstream applications such as Search to identify data from a specific source.The Site ID is automatically generated and cannot be changed. But you can edit the Site Name by clicking the options icon (
) in the row for a specific site.Note
For all cloud collectors that use Webhooks, expect a delay of up to five minutes before logs reflect the updated site name tags.