Topics on this page

Monitor Workload Security events

The API does not provide endpoints for obtaining and manipulating Workload Security event data. Instead, we encourage you to forward system and security events to an external syslog server or security information and event management (SIEM) server.

SIEMs enable you to effectively act on the event data that you collect. The following typical tasks are easy to implement with a SIEM:

  • Create dashboards to easily monitor the status of your security and recognize problems as they occur.
  • Automate alerting when specific events occur so that you can react quicky.
  • Store event data for the long term so that you can recognize trends and also to adhere to compliance regulations if needed.
  • Amalgamate data to see how events from all of your business systems are affecting each other.

To learn how to integrate Workload Security with a syslog or SIEM, see Forward Workload Security events to a Syslog or SIEM server.

To learn about events, see Event collection in Workload Security. See also Generate reports about alerts and other activity.