Faculties, Departments and Business Units at Western can use the power and versatility of Western's Security Information and Event Management (SIEM) platform to analyze and generate reports of potential security events from the data that is being ingested from their systems. WTS can help ensure that:

• Endpoint log collection clients are properly installed and configured
• Cloud platforms are integrated using approved API connections
• Data is accurately and safely ingested into the SIEM
• Security teams can access meaningful reports and alerts based on their data This service supports stronger threat detection and improves visibility into potential security risks across university systems.

To request Log Collection on client endpoints: Please submit a ticket to the WTS Helpdesk.

• For systems to have logs ingested, they must be on the Western network or be on an external cloud platform with appropriate API access set up.
• Users must have access granted to the SIEM platform to conduct any reporting on data.