Back Arrow Back to All Integrations

Malwarebytes Nebula

Malwarebytes Nebula

Integrating Malwarebytes Nebula With Blumira


Click here for the most updated version of this documentation.


Blumira’s modern cloud SIEM platform integrates with Malwarebytes Nebula to detect cybersecurity threats and provide actionable response to remediate when a threat is detected.


When configured, the Blumira integration with Malwarebytes Nebula will stream security event logs to the Blumira service for automated threat detection and actionable response.


Get visibility, detect and respond to threats faster:


  • Quickly detect known and suspected threats with Blumira’s cloud-based platform
  • Reduce the noise of false-positive alerts with backend automation and fine-tuned alerting
  • Detect lateral movement across your environment with virtual honeypots
  • Get guided and actionable remediation playbooks for teams without security expertise
  • View easy-to-understand dashboards and security threat reports to help organizations meet compliance requirements


See how easy it is to set up Blumira with Malwarebytes Nebula:

Sign Up For Your Free Account Today

Get your free account with Blumira and secure your Microsoft 365 environment in minutes. No credit card required.


Free Trial

Integrating with Malwarebytes Nebula


Before you begin

Determine the Blumira sensor you will use as a Syslog server to collect log data. On the sensor’s detail screen, under Host Details, copy the IP address of your Blumira sensor to use in later steps.

Sending Malwarebytes Nebula log data to Blumira

Configure Malwarebytes Nebula to export log data to a Syslog server—your Blumira sensor—by completing these steps:

  1. Navigate to Settings > Syslog Logging.
  2. Click Add. Assign one of your Windows endpoints as the Syslog communication endpoint.
  3. In the top-right corner, click Syslog Settings.
  4. Fill in the following information, then click Save.
    • IP Address/Host: type the IP address of your Blumira sensor.
    • Port: keep the default value 514.
    • Protocol: select either TCP or UDP protocol.
    • Severity: select a severity from the list. This determines the Severity of all Malwarebytes events sent to Syslog.
    • Minutes: type the preferred number of minutes for the communication interval from Malwarebytes Nebula to Syslog.
  5. Navigate to Endpoints. Click on the Syslog communication endpoint you assigned in Step 2.
  6. In the Agent Information section, verify that the Blumira app version number displays. This confirms the Blumira plugin is active on the endpoint.

See additional information in Configure Syslog in Malwarebytes Nebula.