search
TD Website

ESET EDR

The ThreatDefence platform supports integration with ESET PROTECT and ESET Inspect Cloud to ingest endpoint detection and response telemetry. Logs collected from ESET provide visibility into malware detections, suspicious activities, and endpoint risk events.

The platform supports integration using a syslog interface or with ESET Connect, an API gateway between a client and a collection of ESET backend services of the following modules: ESET PROTECT (Cloud), ESET Inspect, and ESET Cloud Office Security.

hashtag
Syslog Setup

hashtag
Prerequisites

  • Access to the ESET PROTECT Hub with Superuser permissions.

  • A ThreatDefence syslog appliance or VM.

hashtag
Steps

hashtag
Step 1. Syslog Configuration

  • Format of Payload: CEF

  • Format of envelope-BSD (Syslog)

  • Event types to log—Select the type of logs you want to include (Antivirus, HIPS, Firewall, Web protection, Audit Log, Blocked files, ESET Inspect alerts, Incidents).

  • Destination IP (this should be the IP address of your ThreatDefence appliance).

hashtag
Step 2. Reach out to ThreatDefence support

Once configuration is complete, provide the following details to ThreatDefence Support at 📧 [email protected]envelope:

  • Request to enable ESET EDR syslog listener on your ThreatDefence appliance

  • Source IP address

hashtag
API Setup with ESET Connect

hashtag
Prerequisites

  • Access to the ESET PROTECT Hub with Superuser permissions.

hashtag
Requirements and limitations

  • Only the Root or Superuser can create a user with access to API endpoints.

  • API access rights cannot be granted to the ESET Business Account Superuser, ESET MSP Administrator 2 Root user, and ESET PROTECT Hub Superuser accounts.

hashtag
Steps

hashtag
Step 1. Create an API User Account

  • We recommend creating a dedicated API user to separate your regular account from API activities.

  • Follow this guidearrow-up-right and create the API user account.

  • Visit ESET online help pagearrow-up-right for more information.

hashtag
Step 2. Reach out to ThreatDefence support

Once configuration is complete, provide the following details to ThreatDefence Support at 📧 [email protected]envelope:

  • Your ESET account Username and Password

PreviousCisco AMP for EndpointsNextPublic Cloud

Last updated