Skip to main content

CSE Administration

Learn about onboarding tasks and best practices for Cloud SIEM Enterprise administrators. In this section, we'll introduce the following concepts:

icon

Filter and Search

Learn how to filter and search CSE list pages.

icon

Network Blocks

Learn about Network Blocks, their purpose, and instructions for setting them up and using them.

icon

Create a Custom Tag Schema

Learn how to create a custom tag schema in CSE.

icon

Create a Custom Threat Intelligence Source

Learn how to create and manage Custom Threat Sources.

icon

Create CSE Actions

Learn how to issue a notification to another service when certain events occur in CSE.

icon

Create CSE Context Actions

Learn to query an external system for details about an Entity, IOC, or data encountered in a Record.

icon

CSE APIs

Learn how to access CSE APIs and API documentation.

icon

Data Retention

Learn about retention periods for different types of CSE data.

icon

Audit Logging

Learn how to search the Audit Event Index for CSE log events.

icon

CSE User Accounts and Roles

Learn how to create and manage user accounts and roles for CSE.

icon

Custom Inventory Source

Learn how to extract Inventory Data from logs in Sumo Logic and send it to CSE.

icon

Save Inventory Data to a Lookup Table

Learn how to use a saved Sumo Logic search to populate a Lookup Table with CSE inventory data.

icon

Manage Custom Insight Resolutions

Learn how to create and manage Custom Insight Resolutions.

icon

Managing Custom Insight Statuses

Learn how to create and manage Custom Insight Statuses.

icon

Sensor Zones

Learn how to use Sensor Zones to distinguish between CSE Entities that have the same IP address.

icon

Inventory Sources and Data

Learn about Inventory Sources and the Inventory Data they collect.

Legal
Privacy Statement
Terms of Use

Copyright © 2023 by Sumo Logic, Inc.