Requirements
Jamf Security Cloud integrated with the Workspace ONE Intelligence console
Workspace ONE Network Partner Credentials. For more information, see the Workspace ONE Trust Network documentation from Omnissa.
Super Admin privileges in Jamf Security Cloud
The connection details (hostname, port) for the server to which you want to send events
A server that can accept syslog over TLS and uses a certificate signed by an authority in the Common CA Database
(If applicable) A firewall configured to allow external connections to the configured TCP port from the Data Stream IP addresses. These addresses can be found under Advanced settings on the Data Stream page in Jamf Security Cloud.
(If applicable) If using client authentication, add the Wandera CA as a trusted source.
- In Jamf Security Cloud, navigate to .
- Click New configuration.
- Select a data stream type.
- Select as your data stream target type, and then click Continue.
- Configure your syslog server:
- Enter a name for the configuration.
- Enter your syslog server name or IP address in the Server hostname/IP field.
- Enter the port in the Port field.
- (Optional) Under Advanced settings, configure the log message to include the Workspace ONE Intelligence integration token that will be used to authenticate events on the server:
- Click Edit the log message.
- Under Custom Fields, fill in the fields as follows:
- name —Enter token.
- value —Enter the Workspace ONE Intelligence integration token value.
- Click +, and then click OK.
- Click Test configuration.
- Use the Enable configuration switch to turn on the data stream.
- Click Create configuration.
Your data stream is now sending events to your Workspace ONE Intelligence console in real time.To send different Jamf Security Cloud data stream types, create additional data streams.