To integrate Blumira with your Windows endpoints, you can install Blumira Agent on devices running Windows OS (XP 32-bit or higher) so that Blumira can automatically collect those devices' Windows event logs (WEL) via the cloud. Windows machines are constantly logging events locally, and Blumira Agent transmits those locally stored logs to Blumira for threat detection and response alongside the rest of your integrated logs sources.
Note: Blumira Agent does not collect Windows firewall logs or any other log types besides WEL.
You can also use Blumira Agent to quarantine the agent's host (the device) when you discover that it is or might be compromised.
Instructions for testing detections are also available in Testing detections for remote Windows logs.