Cloud Collector

Modified on Sun, 27 Aug 2023 at 07:16 PM

Increasingly, organizations are using platforms and applications that are hosted in the cloud. Most, if not all, of these cloud-based systems generate telemetry that provides useful security information about your IT estate. Even functions like user authentication have moved to the cloud, making the ability to ingest and analyze cloud telemetry more and more important. This is where the Samurai XDR Cloud Collector comes into play. It allows you to connect to your cloud-based platforms such as IaaS, PaaS and SaaS, as well as solutions that are managed from the cloud, such as endpoint detection and response.

The Cloud Collector works by connecting to cloud-based platforms to collect telemetry either via an API or a storage account.  To set up an integration via the Cloud Collector, you typically need to provide API credentials which will allow Samurai XDR to retrieve telemetry from the cloud platform.

Adding Log Sources

When you want to add a new log source to Samurai XDR, the best place to start is in the Integrations pane of the app. There you will be taken through all the steps needed to add an Integration. You will also be pointed to the integration guide which takes you through the steps you need to follow on your log source (device) to add it to Samurai XDR.

Viewing your Integrations

Once you have added an Integration, it will become visible in the list of Integrations in the Cloud Collector pane.