Data Streaming (SIEM)

Data Streaming (SIEM) in Control D allows for the real-time forwarding of DNS query logs to SIEM tools for unified threat analysis and immediate alerting on security events.

🚧

Under Construction

This feature is not yet publicly available.

Overview

Control D offers a Data Streaming integration for SIEM (Security Information and Event Management) tools. With this integration, Control D can stream detailed DNS query logs to your preferred SIEM tool in real time.

Problem Solved

Having a SIEM integration means organizations can unify their security data collection, enabling them to aggregate, analyze, and respond to security alerts efficiently. This integration closes the gap between DNS security management and an organization's overarching security strategy.

Feature Benefits

  • Real-Time Alerting: By streaming DNS data to a SIEM tool, organizations can receive real-time alerts about suspicious activities.
  • Enhanced Security Posture: Incorporate DNS query data into broader security analyses to bolster overall cyber defenses.
  • Unified Data Analysis: Integrating with SIEM tools allows security teams to incorporate DNS data into the more extensive data sets they analyze, making for a more comprehensive view of the security landscape.

Enabling and Using Data Streaming (SIEM)

Enabling Data Streaming (SIEM) in Control D involves configuring the service to send DNS query logs to a SIEM tool such as Splunk, ELK, or any other tool that can consume Syslog.