Knime integration with SIEM Solutions

miraclesoul · September 20, 2019, 2:53pm

Hello There,

I tried to search online for the Knime integration with SIEM solutions but couldnt find a clear answer. The usecase i have in mind is to forward the syslogs from the SIEM solutions to Knime platform and Knime performs the analytics.

Since most SIEM providers will not allow to connect to their database in client production environment so was thinking to forward syslogs from the SIEM solution to injest data and perform analytics.

Does Knime has builtin log storage and log receiver such as Nifi etc… and a local big data database to store and process all these logs for analytics. how can the above usecase be implemented…any directions shall be really helpful.

Apologies for asking such a simple question but I am pretty new here and started exploring knime since 2 days only…

Appreciate the support.

Thanks
Fahad.

miraclesoul · September 23, 2019, 10:21am

No response on this??

ipazin · September 23, 2019, 11:54am

Hi there @miraclesoul,

as to my knowledge there is no KNIME integration with any SIEM provider. Also KNIME doesn’t come with a database to store data. What KNIME does and can do very well in your case is to import data/logs, process it and export it/save it where you want.

If any more questions feel free to ask.

Br,
Ivan

system · March 23, 2020, 11:54pm

This topic was automatically closed 182 days after the last reply. New replies are no longer allowed.