Couchdrop now integrates directly with several Security Information and Event Management (SIEM) platforms, including Splunk, Microsoft Sentinel, and Datadog.

With this highly requested feature, security and infrastructure teams can monitor Couchdrop activity alongside the rest of their infrastructure without having to log in and monitor events across separate systems, increasing accuracy and covering potential monitoring gaps. This will help enterprise teams simplify operations, improve visibility, and meet compliance requirements. 

Why integrated logging matters for file transfers

Most security teams already centralize their logging in platforms like Microsoft Sentinel, Datadog, ELK, or Splunk. File transfer systems that operate outside this infrastructure create extra work and the potential for gaps in monitoring, particularly when they have no definitive way of sending events to the SIEM platform. 

When file transfer logs reside in separate platforms, teams either ignore this activity entirely or spend time manually correlating events across different platforms. Neither approach works well for enterprise security operations. Our new SIEM integrations eliminate these disparities and match the way that modern data and security teams operate, while ensuring they meet compliance standards.

Couchdrop SIEM Integrations

You can now use the built-in SIEM Integrations to send events to logging platforms. Couchdrop integrates directly with Datadog, Splunk, Microsoft Sentinel, and Elastic Stack (ELK), as well as any other major logging providers that support receiving JSON events via webhook.

Compatible events

Couchdrop supports the following four event types:

  • Login
  • Admin changes
  • Failures
  • File-based actions

Events are sent in JSON format and can be configured for each platform based on event type within Couchdrop. 

Using Couchdrop with other SIEM platforms

Couchdrop can also integrate with other SIEM platforms by sending events to any logging system via a webhook. 

For other providers, you'll need to choose the events to send and then configure your Webhook Endpoint, Event JSON attribute, Headers, and any additional attributes.

This opens up the potential to use any SIEM platform with Couchdrop and have the events sent in a format that is compatible with your existing workflows and operations. 

Getting started

Setting up SIEM integrations is simple and straightforward in Couchdrop.

To set up an integration, go to Logging in the Admin panel and choose your platform. From there, simply select event types to send, and Couchdrop will show what credentials you need from the platform in order to activate the integration.

Events will start flowing immediately after a successful connection is made, and should work with your existing alerting rules and dashboard configurations.

For more details on setting up each integration, see the setup guides for Datadog, Splunk, Microsoft Sentinel, or Elastic, or get in touch with the team at sales@couchdrop.io.