Integration with Popular SIEM Solutions

Security information and event management (SIEM) tools gather sensitive security logs from various services to monitor all activities performed from a central location. Having security logs from multiple IT resources can help IT teams to identify malicious activities. And adding these logs, containing information about all password actions, to the enterprise SIEM system can provide a holistic view of both internal and external threats.

Zoho Vault's integration with popular SIEM tools will allow organizations to manage all their Vault audit logs from the SIEM service of their choice. You can create custom alerts and receive instant or periodic notifications based on the configurations available in your SIEM service, to stay informed of all activities in your password manager.

Prerequisite

Super admin of Zoho Vault
Valid subscription with the relevant SIEM tools

SIEM integration

Integrating with the SIEM services commonly involve two steps:

Generating a token
Identifying the collector hostname

Currently, we offer integration with seven SIEM solutions:

Loggly
Logz.io
Sematext
Sumo Logic
Timber
Microsoft Sentinel
Datadog

Note

By default, all audits captured in Zoho Vault will be sent to your SIEM service. To filter the audits sent, select Manage Syslog Configurations from SIEM Integrations in Vault.
We support only the HTTPS protocol at the moment.
You can send logs only to one service at once.

Integration with Loggly

Log in to your Loggly account, then select Source Setup from the menu bar.
Select Customer Tokens from the submenu.
A customer token is created by default. Copy this token for later use, or click Add New to use a new token with Zoho Vault.
To find out the Collector Hostname, select Source Setup, then click HTTP/S Event Endpoint.
Logs-01.loggly.com will be the hostname by default. If you've modified it, you can find the current URL from the field highlighted in the screenshot below.

Configuring Loggly details in Vault

Log in to your Zoho Vault account as a super admin, then select Settings.
Select SIEM Integration, then click Edit configurations under Loggly.
Enter the Collector Hostname and token details, then click Save Configuration.
Click Enable.

Accessing Zoho Vault logs from Loggly

To view all audit logs from Vault in Loggly:

Log in to your Loggly account.
Click Search, then search for the logs from Vault based on the time and date of the operation.

Integration with Sematext

Log in to your account, then select Logs.
Click Create logs app.
Enter the App Name, then click Continue.
Select Actions, then click Integrations.
Scroll down to the section Where to send logs?.
Copy the hostname and index (token) details for later use.

Configuring Sematext details in Vault

Log in to your Zoho Vault account as a super admin, then select Settings.
Select SIEM Integration, then click Settings under SemaText.
Enter the Collector Hostname and token details, then click Save Configuration.
Click Enable.

Accessing Zoho Vault logs from Sematext

To view all audit logs from Vault in Sematext:

Log in to your Sematext account.
Select the app you configured under Logs.
View the total number of logs generated from Log counts, and details of all the logs generated from Log Events.
Click Search, then search for the logs from Vault based on the time and date of the operation.

Integration with Sumo Logic

Log in to your account, then select Manage Data.
Select Collections, then click Add Collector.
Select Hosted Collector as the Collector Type.
Enter a Name, then click Save.
Select Add Source corresponding to the newly created Collector, then select HTTP Logs and Metrics.
Enter a name for the source, then click Save.
Copy the URL generated for later use.
Click OK.

Configuring Sumo Logic details in Vault

Log in to your Zoho Vault account as a super admin, then select Settings.
Select SIEM Integration, then click Settings under Sumo Logic.
Enter the Collector URL, then click Save Configuration.
Click Enable.

Accessing Zoho Vault logs from Sumo Logic

To view all audit logs from Vault in Sumo Logic:

Log in to your Sumo Logic account.
Select Manage Data, then click Collections.
Select Open in Log Search from the newly created source to view the logs from Vault, based on the time and date of the operations.

Integration with Logz.io

Log in to your account, then select Send Your Data from the menu bar.
Select Libraries, then click Bulk HTTP/S.
Under URL for HTTPS, you’ll find the Collector Hostname. Copy the hostname as shown in the screenshot below.
Note: By default, your hostname will be listener.logz.io.
Under Query string parameters, you’ll find the token details. Copy the token from the description.

Configuring Logz.io details in Vault

Log in to your Zoho Vault account as a super admin, then select Settings.
Select SIEM Integration, then click Settings under Logz.io.
Enter the Collector Hostname and token details, then click Save Configuration.
Click Enable.

Accessing Zoho Vault logs from Logz.io

To view all audit logs from Vault in Logz.io:

Log in to your Logz.io account.
Select Kibana to view the logs based on the time and date of the operation.

Integration with Timber

Log in to your account, then select Sources.
Click Add a New Source, then select Protocols.
Select HTTP API.
Under HTTP API settings, enter a Source Name, then click Next Step.
Copy the Source ID and API Key (Token) details for later use, then select Next Step.

Configuring Timber details in Vault

Log in to your Zoho Vault account as a super admin, then select Settings.
Select SIEM Integration, then click Settings under Timber.
Enter the Source ID and token details, then click Save Configuration.
Click Enable.

Note: By default, the hostname will be logs.timber.io.

Accessing Zoho Vault logs from Timber

To view all audit logs from Vault in Timber:

Log in to your Timber account, then select Console.
Select the source name specified earlier from the dropdown box to view the logs from Vault, based on the time and date of the operation

Integration with Microsoft Sentinel

Log in to your Microsoft Entra ID portal, then access the Microsoft Sentinel service.
Select the Sentinel instance to which you want to forward Zoho Vault's Audit trails.
On the left panel, select Settings under Configurations.
Click Workplace Settings.
From the left panel, select Agent management, then click Log Analytics agent instructions.
Make a note of the Workspace ID and Primary key details to be configured in Zoho Vault.

Configuring MS Sentinel details in Vault

Log in to your Zoho Vault account as a super admin, then select Settings.
Under Settings, click SIEM Integration.
Enable MS Sentinel.
Configure the Workspace ID and Primary key as Token, then click Save Configuration.

Accessing Zoho Vault logs from MS Sentinel

To view all audit logs from Vault in Sentinel:

Log in to your Microsoft Entra ID portal, then access the Microsoft Sentinel service.
Select the Sentinel instance from which you want to see Zoho Vault's Audit trails.
On the left panel, select Settings under Configurations.
Click Workplace Settings.
From the left panel, select Logs.
Close the Queries menu.
Run this query.
View Logs from the Results section.

Integration with Datadog

Log in to your Datadog account.
Navigate to the Settings menu in the left sidebar.
Under Organization Settings, select API Keys.
You’ll see a default API key already created. Copy this key to use later, or, if you prefer, click New Key to generate a new one for Zoho Vault.

Configuring Datadog details in Vault

Log in to your Zoho Vault account as a super admin.
In the settings menu, select SIEM Integration, then click Edit Configurations under Datadog.
Enter the Collector Hostname and Token details provided by Datadog, then click Save Configuration.
Click Enable to activate the integration.
Select the list of audit trails to be sent to your SIEM service from Zoho Vault under Manage Syslog Configuration.

Enter the domain as the hostname in Zoho Vault for configuration. For example, if the URL is https://app.datadoghq.com, the hostname should be datadoghq.com.

Accessing Zoho Vault logs from Datadog

To view all Zoho Vault audit logs in Datadog:

Log in to your Datadog account.
In the search bar, use the filter "source:zohovault" to locate Vault logs.

Access your files securely from anywhere

Zoho CRM Training Programs

Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.

Redefine the way you work

with Zoho Workplace

Start your free trial

Zoho DataPrep Personalized Demo

If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.

Create, share, and deliver

beautiful slides from anywhere.

Get Started Now

Zoho Sign now offers specialized one-on-one training for both administrators and developers.

BOOK A SESSION

Zoho Workerly Home
Forums
Connect With Us:

Zoho Recruit Home
Forums
Connect With Us:

Start tracking your website metrics today

Use PageSense to understand what your visitors are looking for, how they are behaving, and where they are facing problems on your website.

Ready to improve your website's performance?

Install the PageSense code snippet on your site in a matter of minutes and start collecting in-depth data about the website visitors to grow your business.

Track and measure every business goal

Set up goals in PageSense to measure every single action performed by visitors on your website like button or link clicks, form submissions, and page engagements.

Understand the customer journey on your website

Create funnels in PageSense to quickly see which pages visitors use to enter your website, where they navigate to next, and which pages they decide to leave without converting.

Visualize your visitor's behavior with color codes

Set up heatmaps in PageSense to see where users have clicked more, how far they've scrolled, and on which parts of a page they've spent the most time using color-coded patterns in reports.

Measure customer engagement with your web forms

Use form analytics in PageSense to see how people interact with different fields in your form, whether they complete the form successfully or not, and where exactly they drop out on your form.

Record real visitor interactions on your website

Use session recordings in PageSense to watch a video of all the visitor actions performed on your website including the pages they navigate, the buttons they click, the UX issues they face, and more.

Test and optimize webpages for better conversions

Run A/B or Split URL tests in PageSense to figure out which version of your web page works best for your business and results in the best conversion rate.

Give each customer a unique website experience

Use personalization in PageSense to deliver customized versions of your website for every individual customer based on their demographics, local weather, browsing history, and more.

Grow your business through customer feedback

Run polls on your website using PageSense to understand what your customers think about your products/services and what needs improvement on your site.

Send timely updates that customers love

Use web push notifications in PageSense to schedule and notify your customers about an upcoming flash sale, product releases, promotional coupons, and a lot more that can spark conversions on your website.

Advertise your business to website visitors

Use pop-ups in PageSense to instantly grab the attention of visitors by showing attractive signup offers, coupon code discounts, or email newsletters that can eventually convert them into subscribers.

Access more advanced settings in PageSense

Use PageSense's advanced features like creating mutually exclusive groups, enabling cross-domain tracking, configuring customized project JS, and more to get deeper insights about your website.

Try easy-to-use extensions

Download the PageSense extension app available for your web browser with a few clicks and start collecting all of your required website metrics in real time.

Discover your favorite integrations with PageSense

Get a deeper look at your website's data by seamlessly integrating PageSense with a host of popular third-party apps like Google Analytics, Mixpanel, Intercom, and more.

Quick Links	Workflow Automation	Data Collection
Web Forms	Enterprise	Begin Data Collection
Interactive Forms	Workplace	Data Collection App
CRM Forms	Customer Service	Accessible Forms
Digital Forms	Marketing	Forms for Small Business
HTML Forms	Education	Forms for Enterprise
Contact Forms	E-commerce	Forms for any business
Lead Generation Forms	Healthcare	Forms for Startups
Wordpress Forms	Customer onboarding	Order Forms for Small Business
No Code Forms	Construction	RSVP tool for holidays
Free Forms	Travel
Prefill Forms	Non-Profit
Intake Forms	Legal	Mobile App
Form Designer	HR	Mobile Forms
Card Forms	Food	Offline Forms
Assign Forms	Photography	Mobile Forms Features
Translate Forms	Real Estate	Kiosk in Mobile Forms
Electronic Forms
Notification Emails for Forms	Alternatives	Security & Compliance
Holiday Forms	Google Forms alternative	GDPR
Form to PDF	Jotform alternative	HIPAA Forms
Email Forms		Encrypted Forms
Embeddable Forms		Secure Forms
Drag & drop form builder		WCAG

Zoho Campaigns Resources

Campaigns Community Learning Series

New to Zoho CRM Plus?

Deliver unforgettable customer experiences

ACCESS ZOHO CRM PLUS

New to Zoho CRM Plus?

Deliver unforgettable customer experiences

ACCESS ZOHO CRM PLUS

New to Zoho Marketing Plus?

Everything you need to run your marketing

ACCESS ZOHO MARKETING PLUS

New to Zoho Marketing Plus?

Everything you need to run your marketing

ACCESS ZOHO MARKETING PLUS

Zoho Pagesense Resources

You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.

New to Zoho Survey?

Access Zoho Survey

Latest Feature Updates

Explore our Pricing & Plans

Zoho Survey Resources

Android Mobile Surveys

Insurvey Blogs

Insight Blogs

Tips & Tricks

New to Zoho Social?

Manage your brands on social media

Access Zoho Social

Desk Community Learning Series
Digest
Functions
Meetups
Kbase
Resources
Glossary
Desk Marketplace
MVP Corner
Word of the Day
Ask the Experts

Zoho Sheet Resources

New to Zoho Forms?

Latest Feature Updates

Explore our Pricing & Plans

Zoho Forms Resources

Secure your business

communication with Zoho Mail

Get started

Mail on the move with

Zoho Mail mobile application

Go Mobile

Stay on top of your schedule

at all times

Get started

Carry your calendar with you

Anytime, anywhere

Get started

Latest Announcements

New to Zoho Sign?

Zoho Sign Resources

Sign, Paperless!

Sign and send business documents on the go!

Get Started Now

Zoho SalesIQ Resources

New to Zoho TeamInbox?

Zoho TeamInbox Resources

Connect with us

New to Zoho ZeptoMail?

LEARN MORE

Latest Feature Updates

Zoho DataPrep Resources

New to Zoho DataPrep?

Access Zoho DataPrep

Zoho DataPrep Demo

Get a personalized demo or POC

Design. Discuss. Deliver.

Create visually engaging stories with Zoho Show.

Get Started Now

New to Zoho Workerly?

Access Zoho Workerly

New to Zoho Recruit?

Access Zoho Recruit

New to Zoho CRM?

Signup Now

Access Zoho CRM

Latest Feature Updates

New to Zoho Projects?

Access Zoho Projects

New to Zoho Sprints?

Access Zoho Sprints

New to Zoho Assist?

Access Zoho Assist

New to Bigin?

Signup Now

Access Bigin

Latest Feature Updates

Related Articles
Integration with Popular Help Desks
Users often enable access control on critical shared passwords to prevent unauthorized access and to streamline access to critical accounts. When passwords are configured with access control, users will have to submit a password access request and ...
Integration with Microsoft Office 365
Thousands of businesses use Office 365 to manage their operations. With Zoho Vault's integration with Office 365, admins can quickly import users from Office 365, and help them securely manage their passwords with Zoho Vault, simplify user ...
Webhooks Integration
Send instant notification to legacy or third-party applications as and when critical events occur using Zoho Vault's Webhook integration. Using webhooks, you can configure custom workflow rules to trigger critical notifications and custom actions ...
Integration with Microsoft Active Directory
You can integrate Zoho Vault with your corporate identity stores, such as Active Directory (AD) or Lightweight Directory Access Protocol (LDAP), to manage and authenticate users. Acting as the service provider, Zoho Vault integrates with AD and LDAP, ...
Integration with Microsoft Entra ID
Zoho Vault can easily be integrated with Microsoft EntraID for efficient collaboration and user management. With this integration, you can manage users' access to Zoho Vault from your Microsoft EntraID portal, and allow users to access Zoho Vault ...