Skip Navigation
  1. BlackBerry Docs
  2. BlackBerry UEM 12.13
  3. Administration
  4. Monitoring and reporting
  5. Send system events to a SIEM solution

Send system events to a SIEM solution

Security Information and Event Management (SIEM) software collects, analyzes, and aggregates security data from multiple sources to detect potential security threats. To send 
UEM
 system events to your organization’s SIEM software, you can add a SIEM connector. Currently, adding a SIEM connector is supported for 
UEM
 on-premises only.
  1. On the menu bar, click 
    Settings > External integration > SIEM connectors
    .
  2. Click The Add icon.
  3. In the 
    Name
     field, type a name for the connector.
  4. In the 
    Connector format
     drop-down list, click a logging and auditing file format.
  5. In the 
    SIEM endpoint server name
     field, type the SIEM server name.
  6. In the 
    Port
     field, type the port of the SIEM server.
  7. To use a TLS connection and host validation, verify that the 
    Enable TLS
     and 
    Enable host validation
     check boxes are selected.
  8. In the 
    Status
     drop-down list, do one of the following:
    • Click 
      Enabled
       to use the connector.
    • Click 
      Disabled
       to turn off the connector.
  9. Click 
    Save
    .
If you enabled a TLS connection, in 
Settings > External integration > Trusted certificates
, click The Add icon beside 
SIEM server trusts
 to upload a trust certificate.