SIEM Connectors
Stream AI security events to Splunk, Datadog, or Microsoft Sentinel in real time.
Overview
SIEM connectors are format adapters built on top of AISG's existing webhook engine. When a security event fires (PII blocked, injection detected, budget exhausted), the connector transforms it into your SIEM platform's native format and delivers it in near real-time.
- Unified security visibility — AI governance events alongside your existing security telemetry
- Org-level configuration — each organization connects to its own SIEM instance
- Platform-native formats — events arrive pre-formatted for Splunk, Datadog, or Sentinel
- Metadata only — no prompt or response content is ever included in SIEM payloads
- Built on the webhook engine — inherits retry logic, delivery tracking, and at-least-once semantics
Supported Platforms
Splunk
HTTP Event Collector (HEC)
Events are sent as JSON to your Splunk HEC endpoint. Each event includes a sourcetype of aisg:security, a severity field mapped to Splunk severity levels, and structured event data.
Required: HEC endpoint URL + HEC token. Optionally set a custom index and sourcetype.
Datadog
Logs API (v2)
Events are sent as structured JSON logs to the Datadog Logs intake. Tags include service:aisg, source:ai-security-gateway, and the event type. Severity maps to Datadog log status levels.
Required: Datadog API key + site region (e.g. datadoghq.com, datadoghq.eu).
Microsoft Sentinel
Azure Monitor Data Collection Endpoint (DCE)
Events are sent to a Data Collection Endpoint using the Logs Ingestion API. Each event is formatted as a custom log record compatible with Azure Monitor tables.
Required: DCE endpoint URL + DCR immutable ID + Azure AD app credentials (tenant ID, client ID, client secret).
Event Types
| Event | Severity | Description |
|---|---|---|
| dlp.pii_blocked | High | A request was blocked because it contained PII entities that exceeded the sensitivity threshold |
| dlp.injection_blocked | Critical | A prompt injection attempt was detected and blocked before reaching the AI provider |
| dlp.pii_redacted | Medium | PII entities were detected and redacted (replaced with placeholders) before forwarding |
| budget.exhausted | Medium | A project's monthly budget was exhausted and subsequent requests were blocked |
| loop.detected | High | A repetitive request loop was detected and interrupted to prevent runaway token spend |
Severity Mapping
AISG severity levels are mapped to each platform's native severity taxonomy.
| Event | AISG | Splunk | Datadog | Sentinel |
|---|---|---|---|---|
| dlp.injection_blocked | Critical | 1 (Critical) | CRITICAL | High |
| dlp.pii_blocked | High | 2 (High) | ERROR | Medium |
| loop.detected | High | 2 (High) | ERROR | Medium |
| dlp.pii_redacted | Medium | 4 (Medium) | WARN | Low |
| budget.exhausted | Medium | 4 (Medium) | WARN | Informational |
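The mapping table and the three per-platform formats described above, applied in one place. This is an added Python example, not AISG's own connector code; the Datadog message text for event types other than dlp.pii_blocked and the exact metadata field set are assumptions.

```python
from datetime import datetime
# Severity per event type, copied from the mapping table above:
# (AISG level, Datadog status, Sentinel severity). The Splunk event body
# carries the AISG level verbatim, as the Splunk payload example shows.
SEVERITY = {
    "dlp.injection_blocked": ("critical", "critical", "High"),
    "dlp.pii_blocked":       ("high",     "error",    "Medium"),
    "loop.detected":         ("high",     "error",    "Medium"),
    "dlp.pii_redacted":      ("medium",   "warn",     "Low"),
    "budget.exhausted":      ("medium",   "warn",     "Informational"),
}
# Metadata-only fields forwarded with every event; no prompt or response text.
FIELDS = ("org_id", "project_id", "entities_detected", "action", "model", "provider")

def _epoch(ts):
    # A trailing "Z" is not accepted by fromisoformat before Python 3.11
    return int(datetime.fromisoformat(ts.replace("Z", "+00:00")).timestamp())

def to_splunk(ev, index="main"):
    aisg = SEVERITY[ev["type"]][0]
    body = {"type": ev["type"], "severity": aisg, "timestamp": ev["timestamp"]}
    body.update({k: ev.get(k) for k in FIELDS})
    return {"event": body, "sourcetype": "aisg:security",
            "index": index, "time": _epoch(ev["timestamp"])}

def to_datadog(ev, env="production", hostname="aisg-prod"):
    aisg, status, _ = SEVERITY[ev["type"]]
    ents = ", ".join(ev.get("entities_detected", []))
    # Message text for dlp.pii_blocked follows the page; other types are assumed.
    msg = (f"PII blocked: {ents} detected in request to {ev['model']}"
           if ev["type"] == "dlp.pii_blocked" else f"{ev['type']} on {ev['model']}")
    attrs = {"event_type": ev["type"], "severity": aisg}
    attrs.update({k: ev.get(k) for k in FIELDS})
    return {"ddsource": "ai-security-gateway",
            "ddtags": f"service:aisg,env:{env},event_type:{ev['type']}",
            "hostname": hostname, "message": msg, "status": status,
            "service": "aisg", "timestamp": ev["timestamp"], "attributes": attrs}

def to_sentinel(ev):
    return {"TimeGenerated": ev["timestamp"], "EventType": ev["type"],
            "Severity": SEVERITY[ev["type"]][2], "OrgId": ev["org_id"],
            "ProjectId": ev["project_id"],
            "EntitiesDetected": ",".join(ev.get("entities_detected", [])),
            "Action": ev["action"], "Model": ev["model"],
            "Provider": ev["provider"], "Source": "AISecurityGateway"}

# Constructed sample event; field values match the payload examples below.
SAMPLE = {"type": "dlp.pii_blocked", "timestamp": "2026-06-08T14:32:01.442Z",
          "org_id": "org_abc123", "project_id": "proj_xyz789",
          "entities_detected": ["SSN", "EMAIL_ADDRESS"], "action": "blocked",
          "model": "gpt-4.1", "provider": "openai"}
```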
Payload Examples
Each platform receives events in its native format. Below are example payloads for a dlp.pii_blocked event.
Splunk (HEC)
```json
{
  "event": {
    "type": "dlp.pii_blocked",
    "severity": "high",
    "timestamp": "2026-06-08T14:32:01.442Z",
    "org_id": "org_abc123",
    "project_id": "proj_xyz789",
    "entities_detected": ["SSN", "EMAIL_ADDRESS"],
    "action": "blocked",
    "model": "gpt-4.1",
    "provider": "openai"
  },
  "sourcetype": "aisg:security",
  "index": "main",
  "time": 1749393121
}
```
Datadog (Logs API v2)
```json
{
  "ddsource": "ai-security-gateway",
  "ddtags": "service:aisg,env:production,event_type:dlp.pii_blocked",
  "hostname": "aisg-prod",
  "message": "PII blocked: SSN, EMAIL_ADDRESS detected in request to gpt-4.1",
  "status": "error",
  "service": "aisg",
  "timestamp": "2026-06-08T14:32:01.442Z",
  "attributes": {
    "event_type": "dlp.pii_blocked",
    "severity": "high",
    "org_id": "org_abc123",
    "project_id": "proj_xyz789",
    "entities_detected": ["SSN", "EMAIL_ADDRESS"],
    "action": "blocked",
    "model": "gpt-4.1",
    "provider": "openai"
  }
}
```
Microsoft Sentinel (Logs Ingestion API)
```json
{
  "TimeGenerated": "2026-06-08T14:32:01.442Z",
  "EventType": "dlp.pii_blocked",
  "Severity": "Medium",
  "OrgId": "org_abc123",
  "ProjectId": "proj_xyz789",
  "EntitiesDetected": "SSN,EMAIL_ADDRESS",
  "Action": "blocked",
  "Model": "gpt-4.1",
  "Provider": "openai",
  "Source": "AISecurityGateway"
}
```
Configuration
Configure SIEM connectors from the dashboard at Settings → SIEM. The setup wizard guides you through three steps.
1. Choose your SIEM platform: select Splunk, Datadog, or Microsoft Sentinel from the platform dropdown.
2. Enter endpoint & credentials: provide your SIEM endpoint URL and authentication token. Credentials are stored in AWS Secrets Manager — never in the application database.
3. Select event types: choose which event types to forward. You can enable or disable individual events at any time without reconfiguring the connector.
Security
Secrets in AWS Secrets Manager
All SIEM credentials (HEC tokens, API keys, Azure AD secrets) are stored in AWS Secrets Manager with automatic rotation support. Plaintext credentials are never stored in the application database.
HTTPS-Only Transport
All event payloads are transmitted over HTTPS with TLS 1.2+. Unencrypted HTTP endpoints are rejected during configuration. Certificate validation is enforced.
5-Minute TTL Cache
SIEM credentials are fetched from Secrets Manager and cached in-memory with a 5-minute TTL. This balances performance with secret freshness — rotated credentials take effect within 5 minutes.
Org-Level Isolation
Each organization configures its own SIEM connector independently. Events are scoped to the organization — no cross-org data leakage is possible.
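The endpoint rule (HTTPS only, TLS 1.2+, certificate validation) and the 5-minute credential cache from this section, written out as an added Python example; this is not AISG's code, and the secret-store fetch callable and the cache's invalidate method are assumptions.

```python
import ssl
import time
from urllib.parse import urlsplit

SECRET_TTL_SECONDS = 300  # the 5-minute TTL described above

def validate_siem_endpoint(url):
    """Return (ok, reason). Only absolute https:// URLs with a host pass;
    plain http:// is rejected at configuration time, as the page states."""
    parts = urlsplit(url)
    if parts.scheme.lower() != "https":
        return False, f"scheme '{parts.scheme or '(none)'}' rejected: HTTPS required"
    if not parts.hostname:
        return False, "missing host"
    if parts.username or parts.password:
        return False, "credentials embedded in URL rejected: use the token field"
    return True, "ok"

def build_tls_context():
    """Client context: TLS 1.2 minimum, CA verification and hostname check on."""
    ctx = ssl.create_default_context()  # CERT_REQUIRED and check_hostname=True
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx

class SecretCache:
    """In-memory TTL cache in front of a secret store. `fetch(name)` is a
    hypothetical callable standing in for a Secrets Manager lookup. A rotated
    secret is picked up no later than `ttl` seconds after rotation."""
    def __init__(self, fetch, ttl=SECRET_TTL_SECONDS, clock=time.monotonic):
        self._fetch, self._ttl, self._clock = fetch, ttl, clock
        self._entries = {}  # name -> (value, expires_at)

    def get(self, name):
        now = self._clock()
        hit = self._entries.get(name)
        if hit and now < hit[1]:
            return hit[0]
        value = self._fetch(name)  # miss or expired: go back to the store
        self._entries[name] = (value, now + self._ttl)
        return value

    def invalidate(self, name):
        """Drop an entry early, e.g. after the SIEM answers 401/403."""
        self._entries.pop(name, None)
```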
Testing
Send Test Event: After configuring your SIEM connector, click the "Send Test Event" button on the settings page. This sends a synthetic dlp.pii_blocked event to your SIEM endpoint and verifies that the response indicates successful ingestion.
1. Save your SIEM connector configuration.
2. Click "Send Test Event" — a synthetic event is dispatched to your endpoint.
3. Verify the event appears in your SIEM with sourcetype aisg:security (Splunk) or tag service:aisg (Datadog).
4. If delivery fails, the error message is shown inline with details (HTTP status, response body preview).
Frequently Asked Questions
Can I send events to multiple SIEM platforms simultaneously?
Currently, each organization can configure one SIEM connector at a time. If you need to forward events to multiple platforms, configure your primary SIEM and use its built-in forwarding capabilities to route to secondary destinations.
What happens if my SIEM endpoint is unreachable?
Events are delivered with at-least-once semantics using the existing webhook engine. Failed deliveries are retried with exponential backoff (3 attempts over 5 minutes). If all retries fail, the event is logged internally and a delivery failure metric is incremented in the dashboard.
Do SIEM events contain prompt or response content?
No. SIEM events contain only metadata: event type, severity, timestamp, project ID, entity types detected (e.g. 'EMAIL_ADDRESS'), and action taken (blocked/redacted). Prompt and response text are never included in SIEM payloads.
How quickly are events delivered?
Events are dispatched in near real-time — typically within 1-2 seconds of the triggering action. Delivery latency depends on your SIEM platform's ingestion speed and any network latency between AWS and your endpoint.
Can I filter which event types are sent to my SIEM?
Yes. During configuration, you select which event types to forward. You can enable or disable individual event types at any time from the SIEM settings page without reconfiguring the connector.
Ready to connect your SIEM?
Start streaming AI security events to your SIEM platform in minutes. Enterprise plan required.
Want to self-host this?
AI Security Gateway is open source. Deploy the core AI security proxy on your own infrastructure — PII redaction, prompt injection blocking, and secret detection included. No account required.