Install the Spyderbat Event Forwarder

Install the Spyderbat Event Forwarder to deliver SIEM-forwarded events from Spyderbat to your SIEM, Splunk, or any HTTP endpoint.

The Event Forwarder requires SIEM forwarding to be enabled on at least one saved query before it will receive events. See SIEM Forwarding to set up the control plane first.

The Spyderbat Event Forwarder is an open-source binary (github.com/spyderbat/event-forwarder) that polls the Spyderbat SIEM API and delivers events to your destination. It supports files, stdout, syslog, and HTTP webhooks.

Deployment options

Deployment

When to use

Guide

Helm chart

Kubernetes environments

Helm Chart

Traditional installer

Linux systemd (VM, bare metal, EC2)

Traditional Installer

Run only one Event Forwarder instance per organization. Multiple instances each deliver the full event stream, producing duplicates.

For architecture details, see Spyderbat Event Forwarder.

Last updated 13 days ago

Was this helpful?

hashtagDeployment options

Deployment options