Where to Begin

• Signing up for Blumira
• Logging in to the app
• Getting started with Blumira

Account & User Management

• Managing your user account
• Configuring multi-factor authentication
• About Blumira roles
• Adding and removing users in your Blumira account
• Configuring SSO for your organization
• Configuring SAML SSO with Microsoft Entra
• See all 9 articles

General Information

• Our current status
• Contacting Blumira Support

Known Issues

• Detection filters temporarily appear to be duplicated
• Users cannot install Blumira sensors due to Docker snap issue
• Duplicate logs are generating repeated findings

Blumira Agent

• Getting started with Blumira Agent for Windows endpoints
• Installing Blumira Agent on a remote device
• Managing your Blumira Agent devices
• Uninstalling Blumira Agent from a device that is not connected
• How agent and host status impact remote logging with Blumira Agent
• Integrating with macOS

Blumira Cloud Connectors

• Getting started with Blumira's Microsoft 365 and Azure log monitoring
• Integrating with Microsoft 365
• Integrating with Microsoft 365 Defender
• Integrating with Microsoft Azure Event Hubs
• Integrating with Microsoft Defender for Cloud Apps
• Integrating with Microsoft Defender for Endpoint
• See all 29 articles

Blumira Sensors

• Building a Blumira sensor on Ubuntu
• Allowlisting outbound traffic for Blumira sensors
• Deploying a Blumira honeypot
• Verifying that a sensor module integration was successful
• About the Blumira Sensor Logger Module
• Rebuilding and reinstalling a Blumira sensor
• See all 7 articles

Cloud Security Services

• Integrating with Bitdefender
• Integrating with Forescout
• Integrating with Infoblox
• Integrating with Ivanti Connect Secure
• Integrating with KnowBe4 PhishER
• Integrating with Proofpoint Advanced Threat Protection

Endpoint Protection Services

• Integrating with Blackberry CylanceOPTICS
• Integrating with ESET Endpoint Protection
• Integrating with Malwarebytes
• Integrating with Malwarebytes Nebula
• Integrating with SonicWall Secure Mobile Access appliances
• Integrating with Symantec Endpoint Security
• See all 8 articles

Firewall Integrations

• Integrating with Barracuda Web Application Firewall
• Integrating with Check Point Next-Generation Firewall
• Integrating with Cisco ASA Firewall
• Integrating with Cisco Firepower Threat Defense
• Integrating with Cisco Meraki Firewall
• Integrating with Citrix Application Delivery Controller
• See all 16 articles

Identity Services

• Integrating with Microsoft Active Directory
• Integrating with LastPass
• Integrating with Okta

Linux Machines

• Integrating with Linux OS
• Integrating with Linux using a Blumira sensor and Rsyslog
• Integrating with Linux Auditd
• Integrating with Linux Journald
• Integrating with Osquery

Windows Machines

• Automating Windows log collection with Poshim
• Advanced Microsoft Windows logging with Logmira GPO template
• Integrating with Microsoft Windows Internet Information Services
• Deploying a Blumira honeytoken with Dogemira
• Deploying Blumira HoneyFiles to detect SYSVOL exploits
• Integrating with Microsoft Windows Server
• See all 8 articles

Other Systems

• Integrating with Apache Web Server
• Integrating with Nginx Web Server
• Integrating with Synology
• Integrating with VMware vCenter and vSphere

Detection Rules & Filters

• Understanding and managing detection rules
• Enabling the detections your organization needs
• Using detection filters in paid Blumira editions
• Best practices for using detection filters to stop unwanted findings
• Testing Blumira detections
• Testing Duo Security detections
• See all 13 articles

Findings

• About Blumira findings
• Investigating “365 Alert Policy: Creation of forwarding/redirect rule” findings
• Investigating "Audit Policy Change via Auditpol" findings
• Investigating "Batch Script Execution" findings
• Investigating "Clearing of Windows Event Log" findings
• Investigating "Connection from Public IP Address" findings
• See all 18 articles

Reporting & Dashboards

• Using the Blumira API
• Using the Report Builder
• Using Blumira Investigate
• Using Executive Summaries
• Identifying and troubleshooting delayed logs using time fields
• Choosing the right data source for your report
• See all 10 articles

Threat Response

• Configuring Microsoft 365 Threat Response
• Using response actions in supported Microsoft and Azure findings
• Manually isolating an endpoint with Blumira Agent
• Automatically isolating Windows endpoints with Blumira Agent
• About Blumira's dynamic blocklists
• Configuring blocklists and managing blocking
• See all 8 articles

Troubleshooting Errors

• Troubleshooting errors in your Microsoft 365 Cloud Connector
• Reviewing Blumira System logs to troubleshoot errors

User Notifications

• About user notifications
• Configuring Blumira to send notifications and scheduled reports to an ITSM tool
• Sending Blumira notifications to a Microsoft Teams channel
• Sending Blumira notifications to a Slack channel