Subscribing to receive SIEM/SOAR Logs

Last published: Apr 17, 2026
The SIEM/SOAR Logs feature allows customers to retrieve all logs and transfer them to other tools, such as Splunk, for further processing.
To receive SIEM/SOAR Logs, customers need to contact Arctera Support and request that the SIEM/SOAR Log shipping service be enabled for their environment. Customers must specify which of the following storage options they require:
  • AWS
  • Microsoft Azure
  • SFTP
This service collects the following details:
  • Search logs from the Arctera Insight Management Console
  • Message logs, Activity logs, and Browser logs (including Mobile Browser, Discovery Browser, and Personal Browser) from the Insight eDiscovery portal
The SIEM/SOAR service identifies the collected logs by their name and creation date, and generates a separate CSV file for each log. If the customer has subscribed to this service, these CSV files are securely uploaded to the customer-managed storage. The service employs the following components:
  • APIs provided by Amazon/Microsoft Azure/SFTP for uploading the CSV files.
  • Advanced Encryption Standard (AES-256) for secure data transmission. Each object is encrypted with a unique data key, providing additional protection for the data.
Refer to the following related knowledge base article to see sample SIEM/SOAR log reports in CSV format.
Note: To ensure seamless and secure data transmission, customers are advised to set up the necessary firewall rules to allow secure data upload to their storage of choice.
Related information