Set Up Data Collectors

☰

🌙☀

Subscribe to the Taegis™ XDR Documentation RSS Feed at .

Learn more about RSS readers or RSS browser extensions.

Taegis Docs Home
About XDR
Getting Started
Integrate with XDR
Manage Integrations
Alerts, Events, and Investigations
- Alerts
- Events
- Investigations
- CyberChef
Dashboards
Search and Reports
- Search
- Reports
Automation
- Automation Overview
- Supported Playbooks
- Supported Connectors
- Playbooks
- Connectors
- Automation Authoring
  - Building Connector Definitions
  - Building Playbook Templates
  - Common Expression Language (CEL)
Threat Intelligence, Hunting, and Detection
- Threat Intelligence
- Threat Hunting
  - Hunting with Jupyter Notebooks
- Detectors
- Adversary Software Coverage
  - Adversary Software Coverage
  - Frequently Asked Questions
XDR Admin
- Your Account
- Tenant Settings
APIs, SDK, and Magic
- Using XDR GraphQL APIs
- API Authentication
- XDR Python SDK
- Taegis Magic Jupyter Integration
  - Overview
- Alerts API
  - Using the Alerts API
  - Alerts GraphQL API
- Assets API
- Audits API
  - Using the Audits API
  - Audits GraphQL API
- Automations APIs
- Bring Your Own Threat Intelligence API
  - Using the BYOTI API
  - BYOTI GraphQL API
- Collector APIs
- Investigations API
  - Using the Investigations API
  - Investigations GraphQL API
- Threat Intelligence API
  - Using the Threat Intelligence API
  - Threat Intelligence GraphQL API
- Using the Users GraphQL API
- Using the Tenants GraphQL API
- Using the Countermeasures API
- Using the File Upload API
- Power BI for XDR
Secureworks Products, Services, and Policies
- Taegis NDR
  - Overview
  - Service Description
  - Transitioning from CTP
  - Legacy iSensor Service Descriptions
    - Managed iSensor
    - Managed iSensor Add-on
- ManagedXDR
- ManagedXDR Elite
  - Service Description
  - Onboarding Guide
- ManagedXDR for OT
- ManagedXDR Enhanced
  - Service Description
  - Onboarding Guide
- Secureworks Professional Services
- Legal

Onboarding

1 Getting Started

2 Integrate EDR Agent

3 Integrate Data Sources

4 Using XDR

5 Steady State

3.1 Set Up Data Collectors

3.2 Forward Data to Collectors

3.3 Set up Cloud APIs

Set Up Data Collectors ⫘

XDR can acquire telemetry from a variety of popular security controls. Data collectors are available to receive and transport telemetry to the XDR data lake.

XDR allows unlimited data collectors to acquire telemetry and logs from traditional security controls, which can be deployed to popular virtualization platforms and IaaS clouds.

Consider the following when determining collector quantity and placement:

Collectors can process 200,000 events per second (EPS) under ideal conditions (adequate compute, storage, and bandwidth resources).
Consider geographical locations and bandwidth concerns when determining placement.
We recommend deploying collectors as close to the data source as possible. Make sure that there are sufficient network permissions to guarantee that data sources' log traffic reaches the collector.

Common Data Collectors ⫘

On-Premises:

AWS:

Azure:

Review the following guides for integration of common data collectors:

XDR On-Premises Data Collector

AWS Data Collector

Azure Data Collector

Google Cloud Platform (GCP) Data Collector

Manage Data Collectors ⫘

To learn more about managing data collectors, see the following guide:

Manage Data Collectors