Respond
Active response and SecOps integration for LinuxGuard alerts — notification rules, webhooks, syslog, and SIEM forwarding.
Active response and SecOps integration: notification rule configuration, webhook delivery, syslog forwarding, and Splunk HEC integration.
Notification Rules — Configure notification rules in the console to route alerts to webhook, syslog, and Splunk HEC delivery channels.
Webhook Integration — Deliver LinuxGuard signals to an HTTPS endpoint using signed webhook requests with retry semantics.
Syslog Forwarding — Forward LinuxGuard signals as syslog messages to a SIEM or log aggregator over TCP, UDP, or TLS.
Splunk HEC Integration — Send LinuxGuard signals to Splunk via the HTTP Event Collector with token authentication.