Getting started with Blumira Agent for Windows endpoints

Overview

To integrate Blumira with your Windows endpoints, you can install Blumira Agent on devices running Windows OS (XP 32-bit or higher) so that Blumira can automatically collect those devices' Windows event logs (WEL) via the cloud. Windows machines are constantly logging events locally, and Blumira Agent transmits those locally stored logs to Blumira for threat detection and response alongside the rest of your integrated log sources.

Before you begin

Ensure that your Blumira account is licensed for Blumira Agent and that you have administrator permissions in the app.

Installing and using Blumira Agent for Windows

To get the best logging experience from Blumira Agent, complete the following procedures:

  1. Install Blumira Agent on your endpoints
  2. Deploy Blumira's GPO Logmira
  3. Enable Windows Internet Information Services (IIS) logging, if applicable to your environment

After you have configured logging, learn how to manage or isolate devices, and try testing the related detections by reviewing the following articles: