
Understanding the Log

Exabeam can ingest logs directly from a source, fetch logs from SIEM log repositories, or ingest logs via Syslog, including from Exabeam Data Lake. These logs provide insight into the activity of both users and entities (like servers and workstations), and they help surface security issues across your enterprise. Context sources outside of the logs contribute additional information that helps make sense of the log data.

Once logs have been collected, they can be parsed in Data Lake and Advanced Analytics. The following topics discuss how to determine which logs are worth parsing and how to identify fields of interest within the logs.