diff --git a/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_1.png b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_1.png new file mode 100644 index 0000000000..f0e298290e Binary files /dev/null and b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_1.png differ diff --git a/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_2.png b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_2.png new file mode 100644 index 0000000000..728c1570f3 Binary files /dev/null and b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_2.png differ diff --git a/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_3.png b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_3.png new file mode 100644 index 0000000000..919f448967 Binary files /dev/null and b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_3.png differ diff --git a/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_4.png b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_4.png new file mode 100644 index 0000000000..c0181ff1ee Binary files /dev/null and b/docs/assets/operation_center/integration_catalog/application/veeam-backup/step_4.png differ diff --git a/docs/xdr/features/collect/integrations/application/veeam_backup.md b/docs/xdr/features/collect/integrations/application/veeam_backup.md new file mode 100644 index 0000000000..b024bcfd0b --- /dev/null +++ b/docs/xdr/features/collect/integrations/application/veeam_backup.md @@ -0,0 +1,47 @@ +uuid: dbebefdd-dd2e-48a9-89e6-ee5a00ee0956 +name: Veeam Backup +type: intake + +## Overview + +Veeam Backup & Replication is a comprehensive data protection solution known for its robust backup, recovery, and replication capabilities, ensuring the secure and efficient management of data across various environments for businesses and organizations. + +{!_shared_content/operations_center/detection/generated/suggested_rules_dbebefdd-dd2e-48a9-89e6-ee5a00ee0956_do_not_edit_manually.md!} + +{!_shared_content/operations_center/integrations/generated/dbebefdd-dd2e-48a9-89e6-ee5a00ee0956.md!} + +## Configure + +This setup guide will show you how to forward your Veeam logs to Sekoia.io by means of a syslog transport channel. + +### Prerequisites + +An internal log concentrator is required to collect and forward events to Sekoia.io. + +### Enable syslog forwarding + +To enable syslog forwarding: + +1. Open the burger menu in the Veeam Backup & Replication Console and select `Options`. + + ![step_1.png](/assets/operation_center/integration_catalog/application/veeam-backup/step_1.png) + +2. In the `Options` dialog, select the `Event Forwarding` tab. + + ![step_2.png](/assets/operation_center/integration_catalog/application/veeam-backup/step_2.png) + +3. Add a new syslog server. + + ![step_3.png](/assets/operation_center/integration_catalog/application/veeam-backup/step_3.png) + +4. Enter the log concentrator's address and port, then select the transport protocol you need. + + ![step_4.png](/assets/operation_center/integration_catalog/application/veeam-backup/step_4.png) + +### Create an intake + +Go to the [intake page](https://app.sekoia.io/operations/intakes) and create a new intake from the Veeam Backup format. + +### Forward logs to Sekoia.io + +Please consult the [Syslog Forwarding](../../../ingestion_methods/sekoiaio_forwarder/) documentation to forward these logs to Sekoia.io. diff --git a/mkdocs.yml b/mkdocs.yml index a2566663fe..0a186195a5 100644 --- a/mkdocs.yml +++ b/mkdocs.yml @@ -89,6 +89,7 @@ nav: - RSA SecurID: xdr/features/collect/integrations/application/rsa_securid.md - SEKOIA.IO activity logs: xdr/features/collect/integrations/application/sekoiaio_activity_logs.md - Unbound: xdr/features/collect/integrations/application/unbound.md + - Veeam Backup & Replication: xdr/features/collect/integrations/application/veeam_backup.md - Cloud and SaaS: - AWS: - CloudTrail: xdr/features/collect/integrations/cloud_and_saas/aws/aws_cloudtrail.md