---
title: "Fortanix DSM with Sumo Logic (SIEM) for Windows Server"
slug: "using-fortanix-dsm-with-sumo-logic-siem-integration-guide-for-windows-server"
updated: 2026-05-26T06:36:35Z
published: 2026-05-26T06:36:35Z
canonical: "support.fortanix.com/using-fortanix-dsm-with-sumo-logic-siem-integration-guide-for-windows-server"
---

> ## Documentation Index
> Fetch the complete documentation index at: https://support.fortanix.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Fortanix DSM with Sumo Logic (SIEM) for Windows Server

## 1.0 Introduction

This article describes how to integrate **Fortanix-Data-Security-Manager (DSM)**with**Sumo Logic (SIEM)**on Windows Server.

## 2.0 Terminology

- **DSM - Data Security Manager**

Data Security Manager is a cloud solution secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, such as passwords, API keys, tokens, or any blob of data.
- **Sumo Logic**

Sumo Logic is a security information and event management (SIEM) solution that provides security analysts with enhanced visibility across the enterprise to thoroughly understand the impact and context of an attack. Sumo Logic offers streamlined workflows that automatically triage alerts to maximize security analyst efficiency and focus.

## 3.0 Download and Install Sumo Logic Collector in Windows

### 3.1 System Requirements

System requirements for Windows:

- Windows 7, 32 or 64-bit
- Windows 8, 32 or 64-bit
- Windows 8.1, 32 or 64-bit
- Windows 10, 32 or 64-bit
- Windows Server 2012
- Windows Server 2016
- Windows Server 2019
- Single core, 512MB RAM
- 8GB disk space
- Package installers require TLS 1.2 or higher

### 3.2 Download the Collector

Download the collector in one of the following ways:

- Through the user interface (UI):
  - In Sumo Logic, select **Manage Data**→**Collection**→**Collection**.
  - Click **Add Collector** → **Installed Collector**.
  - Click the link for the collector to begin the download.
- Through a Web Browser:
  - Open a browser and enter the static URL for your pod.
  - The collector begins to download.
  - *See*[*Download a Collector from a Static URL*](https://help.sumologic.com/03Send-Data/Installed-Collectors/05Reference-Information-for-Collector-Installation/02Download-a-Collector-from-a-Static-URL)*for a list of URLs for your deployment pod.*

### 3.3 Generate Access Keys

Perform the following steps to generate access keys:

1. On the UI, click **Profile**→**Preferences**→**Add Access Key**.

![Add_Access_Key.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/6391200958740.png)

**Figure 1: Add access key**
2. Enter a name for the key and click **Create Key**.

![Create_Access_Key.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/6391211154836.png)

**Figure 2: Create access key**

*For more information, refer to*[*Access Keys*](https://help.sumologic.com/Manage/Security/Access-Keys)*.*

### 3.4 Install the Connector

You can choose one of the following methods to install the Collector:

- [*UI installer*](https://help.sumologic.com/03Send-Data/Installed-Collectors/03Install-a-Collector-on-Windows#install-using%C2%A0the-ui-installer)**(This method does not support all advanced settings)

To install the collector using the UI installer:
  1. Extract the zip file you downloaded in [*Section 3.2: Download the Collector*](/v1/docs/using-fortanix-dsm-with-sumo-logic-siem-integration-guide-for-windows-server#32-download-the-collector).
  2. Right-click on the `.EXE` file and click **Run**.
  3. Enter your admin username and password if prompted.
  4. Click **Next,** and when prompted, enter a name for the collector.

![Enter_Collector_Name.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/6394995532564.png)

**Figure 3: Enter collector name**
  5. When prompted to select a URL, select **Override the Default URL** and enter the Fortanix DSM URL. For example,****`amer.smartkey.io`.

![Enter the URL1.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/17733378446228.png)

**Figure 4: Enter the URL**
  6. When prompted, enter the **Access Key** and **Key ID** generated in [*Section 3.3: Generate Access Keys*](/v1/docs/using-fortanix-dsm-with-sumo-logic-siem-integration-guide-for-windows-server#33-generate-access-keys).
  7. Keep clicking **Next**and click **Finish** when the installation is complete.
- [*Command line installer*](https://help.sumologic.com/03Send-Data/Installed-Collectors/03Install-a-Collector-on-Windows#install-using%C2%A0the-command-line-installer)

The easiest and fastest way to install the connector is by using the command line installer. To install the connector using the command line installer:

> [!NOTE]
> NOTE
> 
> 1. The `-console` parameter is required to display output messages from the installation.
> 2. **For Powershell Users**: When using quiet mode installation on Windows with Microsoft PowerShell, the parameters following `-console -q` must be escaped with quotes, For example,
> 
> ```bash
> SumoCollector.exe -console -q "-Vsumo.accessid=<accessId>" "-Vsumo.accesskey=<accessKey>" "-Vsources=<filepath>"
> ```

*To learn more about installing a collector on Windows, refer to*[*Install a Collector on Windows*](https://help.sumologic.com/03Send-Data/Installed-Collectors/03Install-a-Collector-on-Windows#install-using%C2%A0the-ui-installer)*.*

Once the collector is installed, it appears under **Manage**→**Collection**.

![Collector_Appears_in_Sumo_Logic.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/6389860945428.png)

**Figure 5: Collector appears in sumo logic**
  1. From the command prompt, run the downloaded `.EXE` file with the parameters that you want to configure. *See*[*Parameters for the Command Line Installer*](https://help.sumologic.com/03Send-Data/Installed-Collectors/05Reference-Information-for-Collector-Installation/06Parameters-for-the-Command-Line-Installer)*for a description of the parameters.*
  2. When you see the `Finishing installation..` message, close the command prompt window. The installation is complete.

### 3.5 Configure Syslog Server on Windows

#### 3.5.1 Configure Syslog Server on Sumo Logic

Perform the following steps:

1. Click **Manage Data**→ **Collection**.
2. Click **Edit** next to **Syslog Server**.
3. Select **Protocol** as **TCP**, **Port** as **514**, leave the rest of the settings as default, and then click **Save**.

![Configure_the_Connector_in_Sumo_Logic.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/6391240941460.png)

**Figure 6: Configure the connector in sumo logic**

#### 3.5.2 Configure Syslog Server on Fortanix DSM

You can configure Fortanix DSM to send audit log entries to the Syslog server.

Perform the following steps to configure logging events to the Syslog:

1. In the **Custom Log Management Integrations**section, click **ADD INTEGRATION** for Syslog.
2. On the **Syslog Log Management Integration** form:

![](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/Screenshot (3486)(1).png)

**Figure 7: Syslog integration form**
  - **Host**: Enter the hostname or IP address of your Syslog server.
  - **Enable TLS**: Select this check box to communicate with the Syslog server over a secure connection using TLS.
    - **Host validation**: The **Validate host** option, if selected, ensures that the hostname or IP address you entered matches the hostname on the server certificate, verifying that the connection is securely directed to the intended server.
    - **Validate certificate**: You can connect to the Syslog server over a non-secure connection or a secure TLS connection.
      - **Global Root CAs**: Use this certificate if you are using a certificate that is signed by a well-known public Certificate Authority (CA).
      - **Custom CA Certificate**: Use this certificate if you, as an enterprise, want to self-sign the certificate using your own internal CA.

Click **UPLOAD A FILE** to upload the CA certificate. When Fortanix DSM, as a client, connects to the Splunk server and is presented with the server’s certificate, it validates the connection using the enrolled custom CA Certificate.
  - **Port (TCP)**: Enter the port number for the Syslog service. The default is port **514**, or if you are using a different port, update the port number accordingly.
  - **Facility**: When you log an event in Syslog, you can choose to log it in different facilities. Use this setting to filter logs by a specific facility, such as **User**, **Local0**, **Local1**, and others that are well-defined in the Syslog protocol. For example, configure Fortanix DSM to use the **Local0**facility to easily filter logs from a specific appliance.
  - **Use FQDN hostname**: This check box is selected by default. When enabled, the DSM cluster’s FQDN is used as the hostname in Syslog log entries, enabling identification of the source cluster in multi-cluster environments.
3. Click **SAVE** to add the Syslog integration.

### 3.6 View Audit Logs on Sumo Logic

Once all the above steps are completed, you can see all the audit logs in the Sumo Logic Screen.

![View_Audit_Logs_in_Sumo_Logic.png](https://cdn.us.document360.io/c3bd85d2-4ad8-4d85-9f60-f1c168a3aad9/Images/Documentation/6389867160724.png)

**Figure 8: View audit logs in sumo logic**

You can further customize the data and chart by writing a query on the search bar. For example,

```bash
_sourceCategory="Fortanix" and _collector="sumologictest" |
logreduce
| timeslice 1h
| count by _timeslice
| order by _timeslice
```

Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.

## Related

- [Fortanix DSM with Rapid7 InsightIDR](/fortanix-dsm-with-rapid7-insightidr.md)
- [Logging](/fortanix-dsm-logging.md)