Where to Begin

• Logging in to the app
• Getting started with Blumira

Account & User Management

• Managing your user account
• Configuring multi-factor authentication
• About Blumira roles
• Adding and removing users in your Blumira account
• Configuring SAML SSO for your organization
• Configuring SAML SSO with Microsoft Entra
• See all 9 articles

General Information

• Our current status
• Contacting Blumira Support

Known Issues

• Duplicate logs are generating repeated findings

Blumira HTTP Ingestion

• Using Blumira HTTP Ingestion
• Integrating with Bitwarden
• Integrating with Cloudflare
• Integrating with DNS Filter
• Integrating with GitHub
• Integrating with Keeper Security
• See all 10 articles

Blumira Agent

• Getting started with Blumira Agent for Windows endpoints
• Installing Blumira Agent on a remote device
• Using Microsoft Intune to deploy Blumira Agent
• Troubleshooting Blumira Agent installation issues
• Managing your Blumira Agent devices
• Uninstalling Blumira Agent from a device that is not connected
• See all 8 articles

Blumira Cloud Connectors

• Getting started with Blumira's Microsoft 365 and Azure log monitoring
• Integrating with Microsoft 365
• Integrating with Microsoft 365 Government Cloud
• Integrating with Microsoft 365 Defender
• Integrating with Microsoft Azure Event Hubs
• Integrating with Microsoft Defender for Cloud Apps
• See all 30 articles

Blumira Sensors

• Building a Blumira sensor on Ubuntu
• Allowlisting outbound traffic for Blumira sensors
• Deploying a Blumira honeypot
• Verifying that a sensor module integration was successful
• About the Blumira Sensor Logger Module
• Rebuilding and reinstalling a Blumira sensor
• See all 7 articles

Cloud Security Services

• Integrating with Bitdefender
• Integrating with Check Point Harmony
• Integrating with Forescout
• Integrating with Infoblox
• Integrating with Ivanti Connect Secure
• Integrating with KnowBe4 PhishER
• See all 7 articles

Endpoint Protection Services

• Integrating with Blackberry CylanceOPTICS
• Integrating with ESET Endpoint Protection
• Integrating with Malwarebytes
• Integrating with Malwarebytes Nebula
• Integrating with Symantec Endpoint Security
• Integrating with Trend Micro Apex One
• See all 7 articles

Firewall Integrations

• Integrating with Barracuda Web Application Firewall
• Integrating with Check Point Next-Generation Firewall
• Integrating with Cisco ASA Firewall
• Integrating with Cisco Firepower Threat Defense
• Integrating with Cisco Meraki Firewall
• Integrating with Citrix Application Delivery Controller
• See all 18 articles

Identity Services

• Integrating with Aruba ClearPass
• Integrating with LastPass
• Integrating with Microsoft Active Directory
• Integrating with Okta

Linux Machines

• Integrating with Linux OS
• Integrating with Linux using a Blumira sensor and Rsyslog
• Integrating with Linux Auditd
• Integrating with Linux Journald
• Integrating with Osquery

Windows Machines

• Automating Windows log collection with Poshim
• Advanced Microsoft Windows logging with Logmira GPO template
• Integrating with Microsoft Windows Internet Information Services
• Deploying a Blumira honeytoken with Dogemira
• Deploying Blumira HoneyFiles to detect SYSVOL exploits
• Integrating with Microsoft Windows Server
• See all 8 articles

Other Systems

• Integrating with Apache Web Server
• Integrating with Nginx Web Server
• Integrating with Synology
• Integrating with VMware vCenter and vSphere

Detection Rules & Filters

• Understanding and managing detection rules
• Enabling the detections your organization needs
• Using Detection Filters to customize detections
• Best practices for using detection filters to stop unwanted findings
• Testing Blumira detections
• Testing Duo Security detections
• See all 13 articles

Findings

• About Blumira Findings
• Investigating “365 Alert Policy: Creation of forwarding/redirect rule” findings
• Investigating "Audit Policy Change via Auditpol" findings
• Investigating “Azure Identity Protection Risky Sign-in” findings
• Investigating "Batch Script Execution" findings
• Investigating "Clearing of Windows Event Log" findings
• See all 22 articles

Reporting & Dashboards

• Using the Blumira API
• Using the Report Builder
• Using Blumira Investigate
• Using Executive Summaries
• Identifying and troubleshooting delayed logs using time fields
• Choosing the right data source for your report
• See all 10 articles

Threat Response

• Blumira SOC Auto-Focus: AI-powered threat analysis and response
• Using Blumira Threat Response
• Configuring Microsoft 365 Threat Response
• Manually isolating an endpoint with Blumira Agent
• Automatically isolating Windows endpoints with Blumira Agent
• About Blumira's dynamic blocklists
• See all 9 articles

Troubleshooting Errors

• Troubleshooting errors in your Microsoft 365 Cloud Connector
• Reviewing Blumira System logs to troubleshoot errors

User Notifications

• About user notifications
• Configuring Blumira to send notifications and scheduled reports to an ITSM tool
• Sending Blumira notifications to a Microsoft Teams channel
• Sending Blumira notifications to a Slack channel