Juniper Pulse Secure Integration Guide
Juniper Pulse Secure should be configured to send logs via syslog to the Taegis™ XDR Collector. Please follow the instructions provided by Juniper in this article.
Firewall Requirements ⫘
|Juniper Management Interface
|Taegis™ XDR Collector (mgmt IP)
Data Provided from Integrations ⫘
Taegis™ XDR detectors are not guaranteed to be triggered, even if a data source's logs are normalized to a schema associated with a given detector. However, you can create Custom Alert Rules to generate alerts based on normalized data from a data source.
Logging Configuration Instructions ⫘
Configure syslog for events, user access, administrator access and client logs on your Pulse Secure device by following the instructions provided by Juniper in this article.
Consider the following requirements when completing the configuration steps:
- Events to Log — Select all types to log.
- Type — UDP
- Server name/IP — This is the IP address of the Taegis™ XDR Collector.
- Filter — Select Standard.
- Repeat the same process for user access, admin access, sensors, and client logs so that all categories are sent to the Taegis™ XDR Collector for processing.
Juniper Pulse Secure events are normalized as Secureworks® Taegis™ XDR Sensor Type