Log360 - EventLog Analyzer Integration
Overview
By integrating ManageEngine Endpoint Central with Log360 – EventLog Analyzer, you can bridge the gap between UEM and SIEM, giving your security team complete visibility across your IT environment. This integration enhances threat detection, streamlines investigations, and unifies response efforts—significantly boosting your organization’s overall security posture. Endpoint Central acts as a comprehensive agent that collects security data from your organization’s endpoints, including servers, desktops, laptops, and mobile devices. This data includes:
- System Misconfigurations
- Vulnerability Data Points
Here's what this integration provides:
- Centralized security intelligence: All endpoint insights are fed into Log360’s SIEM console, offering a single-pane view of vulnerabilities and misconfigurations. This contextualized data allows for efficient threat detection, investigation, and response.
- Smarter alert triage: Log360 correlates data from both platforms to generate prioritized, context-rich alerts—helping teams quickly detect real threats and reduce noise from false positives.
- User-based threat correlation: Host-level anomalies detected by Endpoint Central are mapped to user activity in Log360, providing deeper visibility into events like lateral movement, privilege escalation, and suspicious misconfigurations.
- Zero-day exploit mitigation: The integration helps identify and respond to zero-day vulnerabilities at the endpoint level. Automated patching through Endpoint Central helps neutralize threats quickly, reducing the attack window.
- Real-time monitoring and visibility: Track endpoint health and user actions as they happen, enabling proactive detection and faster resolution of incidents.
- Faster investigations with Incident Workbench: Log360’s Incident Workbench auto-builds timelines of suspicious events, simplifying investigations and speeding up decision-making.
- Reduced MTTR and enhanced MDR: With high-fidelity analytics and automated responses, threats are stopped in their tracks. This translates into faster mean time to respond (MTTR) and improved mean detection and response (MDR).
This integration empowers your security team with the insight and agility needed to stay ahead of evolving threats—by unifying endpoint intelligence with network analytics for a truly proactive defense strategy.
Steps to Integrate Log360 - EventLog Analyzer with Endpoint Central (On Premises)
- Generate an authentication key or API key using the Endpoint Central API Explorer. To learn how to generate this key, refer to this page.
- In Log360 EventLog Analyzer, navigate to the Settings tab and click Applications under the Log Source Configuration menu.
- Select the ME Applications tab under the Applications component.
- Click the Add ME Application button.
- Select Endpoint Central from the Application drop-down box.
- Enter or pick a device from the Device list. (Note: This is the device on which the Endpoint Central server runs.)
- Check the Data Enrichment box.
- Configure the following in the Data Enrichment component.
- Click Add to configure the chosen Endpoint Central application with the selected device.
Note: Ensure the credentials have sufficient permissions to access APIs.
Workflow
After this integration, you can create custom correlation rules and custom alert profiles using vulnerability and misconfiguration comparators, and you can also manage patches with workflows in Log360 - EventLog Analyzer. To learn more about how to configure these, refer to this page.
Kindly contact support for any queries.