DarkTrace IDS
Version : DarkTrace IDS V3.0.10 and above Version
DarkTrace Intrusion Detection System (IDS) is a device or software application that monitors a network or systems for malicious activity or policy violations. Any malicious activity or violation is typically reported to an administrator.
DarkTrace IDS can be integrated with Netsurion Open XDR using Syslog. With the help of DarkTrace IDS KP items, we can monitor the intrusion happening inside the network and also trigger the alert whenever any high server intrusion is detected. Netsurion Open XDR dashboard will help you to visualize the intrusion happening inside the network by it’s source IP address as well as based on categories. It can even create the report which helps to collect intrusion happening on the network on time bases, which helps you to review the intrusion. Netsurion Open XDR CIM will help you to correlate the intrusion with other log sources like firewall, OS events, etc.
Netsurion Data Source Integrations for DarkTrace IDS allows you to monitor the following components:
- Security – Intrusion detection
Once DarkTrace IDS is configured to deliver events to Netsurion Open XDR manager; knowledge objects and reports can be configured into Netsurion Open XDR.
The following are the key Data Source Integration available in Netsurion Open XDR.
Alerts
| Type | Name | Description |
|---|---|---|
| Security | DarkTrace IDS – Intrusion Detected | This alert will trigger for all DarkTrace IDS logs. |
Reports
| Type | Name | Description |
|---|---|---|
| Security | DarkTrace IDS – Activities | This report provides information related to possible unencrypted password storage. |
Documentation
The configuration details are consistent with Netsurion Open XDR 9.x and later, and DarkTrace IDS.
Download Integration Guide for configuration instructions and more information.