/
About this Guide

About this Guide

This document is designed to assist a systems/security administrator to use the Snare Reflector for Windows.

The Snare Reflector is capable of reflecting incoming events to a Snare Server, or third party SIEM server or collector. The Reflector supports a range of target formats including, but not limited to:

  • Snare
  • Syslog RFC 3164
  • Syslog RFC 5424
  • QRadar
  • Envision

TLS encryption is available, if the destination server supports it.

The Snare Reflector is capable of filtering events on a per destination basis. It may convert data from one format to another, and can modify the event information on the fly to suit your target SIEM server or syslog destination.