Applies to: Palo Alto Traps
Palo Alto Traps advanced endpoint protection stops threats on the endpoint and coordinates enforcement with cloud and network security to prevent successful cyberattacks. Traps stands apart in its ability to protect endpoints. It blocks security breaches and successful ransomware attacks that leverage malware and exploits, known or unknown, before they can compromise endpoints.
EventTracker is an enterprise-class platform that seamlessly combines SIEM, Log Management, Threat detection and so forth.
Once Palo Alto Traps is configured to deliver events to EventTracker Manager; alerts, dashboards and reports can be configured into EventTracker.
Palo Alto Traps- Agent status: This report gives information about all the agent status such as client license invalid, client license request, enabled protection and so on.
Palo Alto Traps- Agent activities: This report gives information about all the agent activities such as agent content update, agent policy change and so on.
Palo Alto Traps- ESM system activities: This report gives information about all the system activities such as archived preventions, archived preventions failure, file upload failure and so on.
The configurations detailed in this guide are consistent with EventTracker Enterprise version 8.x and later, and Palo Alto Traps.
For more information please refer to the Integration guide.