
Nozomi CMC

Overview

Nozomi Central Management Console is a centralized platform that streamlines the management of cybersecurity across industrial networks. It enables users to monitor, configure, and respond to threats in real time, ensuring enhanced visibility and control over operational technology environments. With its user-friendly interface and powerful analytics, the console simplifies security operations and strengthens defense against cyber risks.

  • Supported environment: On prem
  • Detection based on: Alerts, Audit
  • Supported application or feature:
    • Alerts
    • Health
    • Audit

Configure

  1. In the top navigation bar, select Settings.
  2. In the Settings section, select Data integration.
  3. In the top right section, select Add.
  4. From the Choose a configuration dropdown, select CEF.

  5. Enter the necessary details and enable whichever log types you prefer.

Create your intake

Go to the intake page and create a new intake from the Nozomi CMC.

Enjoy your events on the Events page

Detection section

The following section provides information for those who wish to learn more about the detection capabilities enabled by collecting this intake. It includes details about the built-in rule catalog, event categories, and ECS fields extracted from raw events. This is essential for users aiming to create custom detection rules, perform hunting activities, or pivot in the events page.

No related built-in rules were found. This message is automatically generated.
