SIEM Connector

The Synqly SIEM provider connects your application to your customers' SIEMs. Synqly supports writing events to a SIEM and querying events back from it.

API Reference

For full API documentation see the SIEM API Reference.

To create an integration with the SIEM connector, call the Create Integration API endpoint with one of the provider configs listed below.

Supported Providers

  • CrowdStrike Falcon Next-Gen SIEM (siem_crowdstrike)
  • Elastic SIEM (siem_elasticsearch)
  • Google Security Operations (Chronicle Compatibility) (siem_google_chronicle)
  • Google Security Operations (siem_google_security_operations)
  • Microsoft Sentinel (siem_sentinel)
  • OpenSearch SIEM (siem_opensearch)
  • QRadar (siem_q_radar)
  • Rapid7 InsightIDR (siem_rapid7_insightidr)
  • SIEM Test (siem_mock_siem)
  • Splunk Enterprise Security (siem_splunk)
  • Sumo Logic Cloud SIEM (siem_sumo_logic)

Supported Operators by Provider

Columns: API, CrowdStrike SIEM, Elasticsearch, Google Security Operations (Chronicle Compatibility), Google Security Operations, SIEM Test, OpenSearch, IBM QRadar, Rapid7 InsightIDR, Microsoft Sentinel, Splunk, Sumo Logic Cloud SIEM

Rows (API operators):
  • post_events
  • query_events
  • get_evidence
  • get_investigation
  • patch_investigation
  • query_investigations
  • query_log_providers

APIs with Filters

Columns: API, CrowdStrike SIEM, Elasticsearch, Google Security Operations (Chronicle Compatibility), Google Security Operations, SIEM Test, OpenSearch, IBM QRadar, Rapid7 InsightIDR, Microsoft Sentinel, Splunk, Sumo Logic Cloud SIEM

Rows (API operators with filter support):
  • query_events: ✅ [docs] ✅ [docs] ✅ [docs] ✅ [docs] ✅ [docs] ✅ [docs] ✅ [docs] ✅ [docs] ✅ [docs] ✅ [docs]
  • query_investigations: ✅ [docs] ✅ [docs] ✅ [docs]