Overview
When configured, the Blumira and ESET integration will stream server and workstation endpoint security event logs and alerts to the Blumira service for threat detection and actionable response.
Before you begin
This integration requires a Blumira sensor to be installed before you can complete the steps below. Ensure that you complete the steps in Building a Blumira sensor with Ubuntu before you continue.
Gather the IP address of your Blumira sensor to use when configuring the external service.
To find and copy the IP address of the sensor, do the following:
- In Blumira, navigate to Settings > Sensors.
- Click the sensor row to open the details page.
- In the Overview section, next to Host Details, copy the IP address.
Sending ESET Protect log data to Blumira
The ESET integration relies on Blumira’s Sensor Logger Module, which acts as a Syslog server. Logger Module is set up by default for new sensors and does not require additional configuration in Blumira.
Export your ESET Protect log data to a Syslog server—your Blumira sensor—by completing the following steps:
- Log in to your ESET Protect Console.
- Click Admin > Server Settings and expand Advanced Settings.
- In the Syslog Server section, complete the following steps:
- Enable Use Syslog server.
- In the Host field, type the IP address or hostname of your Blumira sensor.
- In the Port field, keep the default value 514.
- In the Logging section, enable Export logs to Syslog.
- Set the Log format to JSON.
- Click Save.