Appendix A. Glossary of Terms
Term | Definition |
---|---|
Active Directory | Microsoft directory services for Windows networks. |
Advanced Analytics | Exabeam's Advanced Analytics provides user and entity behavior intelligence on top of existing SIEM and log management data repositories to detect threats by analyzing activities in the attack chain. |
Cloud Connector | An ingestion mechanism that collects and uploads logs to Exabeam services from cloud services such as AWS, Salesforce, and other cloud security, identity and access management, infrastructure, and business applications. |
Data Lake | An Exabeam log management system that orchestrates data collection, indexing, and visualization. |
Exabeam Security Operations Platform | A multi-tenant platform-as-a-service (PaaS) product that extends Exabeam’s security information and event management (SIEM) solution with capabilities unique to Exabeam along with cloud storage, data graphing, and integrations. |
Kafka Log Collector | The ingestion point for syslogs where data is compressed for optimal transmission to site collectors. |
Logstash | A collection engine that can gather and normalize data from disparate sources for uniform processing. |
OpenVPN | An open-source virtual private network system that creates secure point-to-point or site-to-site network connections. |
Primary Site Collector | Where there is a series of site collectors in a deployment, the Primary Site Collector is the master site collector with OpenVPN authentication to the log destination. |
Watchdog | A monitoring daemon that ensures all critical services are operating. |
Zookeeper |