SaaS SIEMs enable seamless data ingestion from various SaaS solutions and customer-deployed systems in JSON format through HTTP(s) connections. Data Connector is capable of transferring BloxOne and NIOS logs to SIEMs in a format that is easily interpretable by the destination, whether it is MS Sentinel or Splunk with an on-prem host or a cloud destination.
Using the Cloud/SaaS SIEM solution
When direct data ingestion using a supported SIEM via HTTPs is used and authentication is required, traffic flows can be provisoned using HTTP destination types. When an HTTP destination is provisioned, the organization is responsible for configuring the following traffic flow information: name, description (optional), state (active/disabled), URL, log export format, authentication information.
...