ESET Endpoint Protection

Integration Details

ESET Endpoint Protection Integration With Blumira’s Cloud SIEM

Click here for the most updated version of this documentation.

ESET Endpoint Security provides a comprehensive antimalware, with web filter, firewall and botnet protection for Mac, Windows and Linux. This service is designed to stop targeted endpoint cybersecurity attacks.

Blumira’s modern cloud SIEM platform integrates with ESET to detect cybersecurity threats and provide an automated or actionable response to remediate when a threat is detected on an endpoint.

When configured, the Blumira and ESET integration will stream server and workstation endpoint security event logs and alerts to the Blumira service for threat detection and actionable response.

Sign Up For Your Free Account Today

Get your free account with Blumira and secure your Microsoft 365 environment in minutes. No credit card required.

Configuration Instructions

Integrating with ESET Endpoint Protection

Before you begin

Determine the Blumira sensor you will use as a Syslog server to collect log data. On the sensor detail screen, under Host Details, copy the IP address of your Blumira sensor to use in later steps.

Sending ESET Protect log data to Blumira

The ESET integration relies on Blumira’s Sensor Logger Module, which acts as a Syslog server. Logger Module is set up by default for new sensors and does not require additional configuration in Blumira.

Export your ESET Protect log data to a Syslog server—your Blumira sensor—by completing the following steps:

Log in to your ESET Protect Console.
Click Admin > Server Settings and expand Advanced Settings.
In the Syslog Server section, complete the following steps:
- Enable Use Syslog server.
- In the Host field, type the IP address or hostname of your Blumira sensor.
- In the Port field, keep the default value 514.
In the Logging section, enable Export logs to Syslog.
Click Save.