Samurai XDR Collectors are used to receive and transport telemetry from your security controls, network devices or cloud services to Samurai XDR.
There are two types of collectors:
1. Cloud Collector
- Is deployed within the Samurai XDR platform and is used to gather telemetry from cloud native services and/or security controls. For a cloud collector you simply need to complete the relevant integration.
2. Local Collector
- Is typically deployed on your internal network and is used to gather telemetry from your local security controls and network devices. We have packaged the local collector as a virtual machine for you to deploy.
What type of Collector do you require?
This is dependent on the products you want to integrate with Samurai XDR. If they are deployed on your internal network, we need a method to gather telemetry data, in this case a Local Collector is required.
For cloud-native services we typically utilize a Cloud Collector deployed within the Samurai XDR to gather telemetry data.
- Review our Supported Integrations and associated Integration Guides to determine the collector type(s) required. Within each Integration Guide there is a table denoting use of a Local or Cloud Collector, alternatively this is displayed in the Samurai XDR application when working through integration.
- You may also choose to jump directly to the Samurai XDR application and review integrations
- If you have determined you require a local collector then click on Samurai XDR Local Collector and follow the steps to create, configure and install.
Article is closed for comments.