fbpx
Back Arrow Back to All Integrations

Blumira Getting Started Guide

Welcome to Blumira!

We’re happy to have the opportunity to improve your security posture by leveraging our cloud-based threat detection and response platform.

 

Get a Free Trial

It’s easy to deploy and start seeing security value in a matter of hours, not months.

Free Trial

Getting Started

Add robust security detections on your environment with Blumira. After configuring log sources to point at Blumira, our security operations team takes care of tedious SIEM related tasks, such as: log parsing, data normalization, reporting, detection rules, and more. Try Blumira Free for 30 Days!

1) Activate Your Blumira Account

Once your account is created, check your inbox for your account verification email. Simply follow the steps outlined in the email to get logged in to https://app.blumira.com.

Now that you’re logged into your account, getting started takes only a few minutes. Follow the steps below to begin:

2) Set Up a Blumira Sensor Host

Set up an Ubuntu host that will be used for the Blumira Sensor (used to connect to services and collect your logs) using the following instructions: https://www.blumira.com/integration/blumira-sensor-deployment

Suggested Requirements for Sensor Host:

  • 4 CPUs
  • 4 GB of memory
  • 200 GB of storage
  • Static IP address assignment

3) Create a Blumira Sensor

From the Blumira console https://app.blumira.com, create a Blumira sensor by completing the following steps:

  • Click INFRASTRUCTURE on the left menu
  • Next click the ADD NEW SENSOR button.
  • Enter a name for the sensor.
  • Provide additional details about the sensor’s use case in the optional Description field.
  • Use the Location dropdown to choose where the sensor resides.

Now click Install and within 5 minutes, you will receive an email with the script that is used to set up your sensor’s environment.

4) Activate the Blumira Sensor

Log in to your sensor via SSH and then copy and paste the script from your email into your Blumira host sensor server’s console to allow the automatic setup of your sensor’s environment. This process takes just a few moments to complete.

5) Add New Integrations

The final step is to configure your new integrations, log sources and modules.
Specific integration steps can be found in our documentation pages: https://blumira.com/integrations.

Below is a prioritized list of commonly-used integrations:

What to Expect

Once logs are flowing up to Blumira, detection rules can be enabled to identify activity and alert your team. We have many default rules that can be added, however, you may also request customization by contacting our Security Operations team. Let us know what integrations you’ve configured so we can enable the appropriate detection rules.

Need an IP to be added to an allow list to limit false alerts when you have scheduled network or server scans? Need a PowerShell script to be added to an allow list as it’s approved to run on your systems? We are here to help and ensure your success!

How to Contact Support

Blumira offers several avenues to access our Security Operations and Support team. See our support page for hours and contact information: https://www.blumira.com/support

  • By Phone: (877) BLUMIRA | (877) 258-6472
  • By Email: [email protected]
  • By Using Case Management: http://blumira.zendesk.com
  • In App: Send a message to support by clicking the Support icon in the lower right corner of the page or from the Responders’ dashboard. You may include attachments too!

Start Your Free Trial

It’s easy to deploy and start seeing security value in a matter of hours, not months.

Free Trial

 

Appendix

Downloads:

Configuration Documentation:

Various API Integration Documentation:

Download Getting Started With Blumira Guide (PDF)