> For the complete documentation index, see [llms.txt](https://propscreen.gitbook.io/propscreen/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://propscreen.gitbook.io/propscreen/going-forward.../siem-integration.md).

# SIEM Integration

While currently in the ideation phase, the next milestone for PropScreen is to support integration for SIEMs. This would allow a security team to enjoy the functionality of their SIEM's feature set when reviewing the logs created by PropScreen. The primary impetus for the delivery of this feature is to allow for security teams using PropScreen and a SIEM to receive real time alerts of when policy violations are detected. The data that would be ingested by the SIEM would be the logs created for the Interdiction Log Database. 

<figure><img src="/files/1LDWbNvo0lNujiWvbfRB" alt=""><figcaption><p>Notional High Level Architecture for SIEM Integration</p></figcaption></figure>

Below is a mockup of how the integration would look to the end user. The user of the SIEM would be able to view alerts generated from PropScreen. The ability to offer integration into pre-existing SIEMs would reduce the friction that security teams would feel when adopting the PropScreen by reducing the level of context switching between their SIEM and PropScreen's Interdiction Logs. This would reduce the amount of user toil and allow the users to focus on their primary job functions.&#x20;

<figure><img src="/files/RXvpAjK1U7hhCNRgSUvs" alt=""><figcaption><p>The vision for SIEM integration, note the "Alerts" section shows activity from PropScreen</p></figcaption></figure>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://propscreen.gitbook.io/propscreen/going-forward.../siem-integration.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.