How-To: Export your EZCMS Logs to Kafka

Learn how to monitor critical user actions by pushing the information to your Kafka SIEM.

Prerequisites

How To Export Your EZCMS Audit Logs To Kafka

How To Enable Log Export in EZCMS Portal

  1. Go to your EZCMS portal.

  2. Click on Settings.

    EZCMS Passwordless Onboarding portal showing Settings option highlighted in the left navigation sidebar

  3. Scroll down to SIEM Connection Settings and enable the Send Alerts to SIEM option.

    EZCMS Passwordless Onboarding SIEM Connection Settings panel with Send Alerts to SIEM checkbox highlighted in red

How To Configure Kafka Logs in the Kafka Portal

  1. Open your Kafka instance in another window.

  2. Identify your Kafka topic name and note it down.

  3. Verify authentication support:
    Ensure your Kafka server supports Plaintext SASL Authentication.

  4. Gather credentials:
    Note the SASL username and password required for authentication.

How To Configure the Kafka SIEM in EZCMS Portal

  1. Now go back to the EZCMS Portal.

  2. Select Kafka as the SIEM Provider.

    Set Kafka as the SIEM in EZCMS

  3. Input the values that you copied from the Kafka portal. Then, click Test Connection. This will create a test log in your Kafka SIEM (please allow a few minutes for the log to show up in the Kafka portal).

    Kafka Paste Values and Test Connection

  4. If the connection test is successful, click Save Changes.

    EZCMS SIEM Settings Save Changes

  5. EZCMS will now send your security alerts to your SIEM. If an error occurs it will email your subscription administrators.