Add robust security detections to your environment with Blumira. After you configure log sources to point at Blumira, our security operations team takes care of tedious SIEM-related tasks such as log parsing, data normalization, reporting, detection rules, and more. Try Blumira Free for 30 Days!
Once your account is created, check your inbox for your account verification email. Simply follow the steps outlined in the email to get logged in to https://app.blumira.com.
Now that you’re logged into your account, getting started takes only a few minutes. Follow the steps below to begin:
Set up an Ubuntu host that will be used for the Blumira Sensor (used to connect to services and collect your logs) using the following instructions: https://www.blumira.com/integration/blumira-sensor-deployment
Suggested Requirements for Sensor Host:
From the Blumira console https://app.blumira.com, create a Blumira sensor by completing the following steps:
Now click Install. Within 5 minutes, you will receive an email with the script that is used to set up your sensor’s environment.
Log in to your sensor host via SSH, then copy the script from your email and paste it into the host’s console to run the automatic setup of your sensor’s environment. This process takes just a few moments to complete.
The final step is to configure your new integrations, log sources and modules.
Specific integration steps can be found in our documentation pages: https://blumira.com/integrations.
Below is a prioritized list of commonly used integrations:
Once logs are flowing up to Blumira, detection rules can be enabled to identify activity and alert your team. We have many default rules that can be added; however, you may also request customization by contacting our Security Operations team. Let us know what integrations you’ve configured so we can enable the appropriate detection rules.
Need an IP added to an allow list to limit false alerts when you have scheduled network or server scans? Need a PowerShell script added to an allow list because it’s approved to run on your systems? We are here to help and ensure your success!
Blumira offers several avenues to access our Security Operations and Support team. See our support page for hours and contact information: https://www.blumira.com/support
It’s easy to deploy and start seeing security value in a matter of hours, not months.
Various API Integration Documentation: