Integration with Rapid7 InsightIDR

Well aware of both the promise and challenges with SIEM, Rapid7 worked hand-in-hand with security teams to take all the best parts — and more — and fold them into InsightIDR, your solution for incident detection and response. InsightIDR unifies SIEM, UBA, ABA, NTA and EDR capabilities with your existing network and security stack to provide real-time visibility and incident detection across your network, endpoints, and cloud services. Forget writing and tuning rules, retracing user activity, and managing clusters — InsightIDR will show you the answers hidden in your user activity, logs, and endpoints. Even better? With the Rapid7 Insight platform you can then share that data between security, IT, and DevOps teams.

This integration is enabled through the Acronis SIEM Connector. The SIEM Connector uses the Acronis agent as a log writer, enabling MSPs to store Acronis Alerts, Events, Activities, and Audit Log on any endpoint in the customer network from where they can be ingested by the SIEM, or send those logs to a syslog server. The Connector supports CEF and JSON log formats.