FedRAMP Solutions for Government User Guide

SIEM integration

Submit your requests to integrate SIEM data through the service request form, accessible from the Support & Community page.

Steps

  1. Complete the following fields:

    • Subject: Enter a description of your request, including the action to be taken.

    • Environment Type: Specify the type of environment affected by this request.

    • Proposed Change Window: Specify the dates or times in which you want the work complete.

  2. From the Capability list, select Platform service requests → SIEM Integration.

  3. In the Logging endpoint (DNS or IP address) field, enter the logging endpoint DNS or IP address.

  4. Select the type of integration from the Type of Integration field:

    • HTTP collector

    • Splunk

    • Other

  5. Select the appropriate description from the Alarm subscription field:

    • Email

    • Lambda

    • Webhook

    • Other

  6. Select the appropriate description from the Business Priority list:

    • Change needed by deadline to avoid business impact

    • Change modifies existing functionality

    • Change adds new functionality

  7. Enter a description of your request in the Description field.

  8. If you are tracking your request within your organization, enter the tracking ID or ticket number associated with it in the Customer Tracking ID field.

  9. Click Save to submit your request.