Falcon SIEM Connector

Organizations need to collect and archive log data for purposes ranging from regulatory compliance, to log management, to the aggregation of events from multiple security products. SIEMs (Security Information and Event Management) have become the tool of choice to gather these type of data. But the disparity of log formats and number of connectivity methods between a SIEM and its data sources can make data collection arduous and lengthy for SIEM users.

Optimized Security Event Gathering on the Endpoint
Using Falcon Host in conjunction with the Falcon SIEM Connector offers a fast, simple and reliable way to optimize the collection of relevant security events across hundreds of thousands endpoints. The lightweight Falcon Host Sensor will perform the otherwise hard work of collecting the data from distributed endpoints with no additional infrastructure deployment. Falcon Host Sensors will send that data from your environment into the Cloud. Then, the Falcon SIEM Connector will seamlessly pull that data from the Cloud to your SIEM.


  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Center.

Visit the Tech Center