Arctic Wolf Setup Resources

Managed Detection and Response

Sensor Deployment

Virtual Log Collector — Installation Guide

AWN101 Sensor — Internal Tap Deployment | Mirroring Deployment

AWN201 Sensor — Internal Tap Deployment | Mirroring Deployment

AWN201 Sensor 10G — Internal Tap Deployment | Mirroring Deployment

AWN202 Sensor — Internal Tap Deployment | Mirroring Deployment

AWN202 Sensor 10G — Internal Tap Deployment | Mirroring Deployment

AWN203 Sensor — Mirroring Deployment

AWN301 Sensor — Mirroring Deployment

AWN301 Sensor 10G — Internal Tap Deployment | Mirroring Deployment

AWN1000 Sensor — Internal Tap Deployment | Mirroring Deployment

AWN1000 Sensor 10G — Internal Tap Deployment | Mirroring Deployment

Replacement Guides

AWN100 to AWN101 — Internal Tap Deployment | Mirroring Deployment
AWN200 to AWN201 — Internal Tap Deployment | Mirroring Deployment
AWN200 to AWN202 — Internal Tap Deployment | Mirroring Deployment

Switch Port Mirroring

These are direct links to manufacturer setup instructions not hosted by Arctic Wolf.

Catalyst 4500 Series Switch

Active Directory Sensor

Active Directory Installation

Syslog

Palo Alto Networks

Zscaler ZIA

Infoblox

Managed Risk

Scanner Deployment

Managed Risk Scanner Installation and Configuration

Managed Risk Scanner Migration

Managed Risk Scanner FAQ

Risk Dashboard

Risk Dashboard User Guide

Cloud Security Posture Management

Amazon Web Services (AWS) — Configure AWS cloud environment configuration scanning

Google Cloud Platform (GCP) — Configure GCP cloud environment configuration scanning

Microsoft Azure — Configure Microsoft Azure cloud environment configuration scanning

Managed Security Awareness

Managed Security Awareness AllowListing

Managed Security Awareness Welcome Email

Managed Security Awareness Integration for Azure Active Directory or Microsoft 365

Managed Security Awareness Autoplay Configuration

Managed Security Awareness Dashboard User Guide

Managed Cloud Monitoring

Amazon Web Services (AWS) — Configure AWS accounts monitoring

Box — Configure the required Box credentials

Carbon Black — Configure the required Carbon Black credentials

Cisco Secure Access by Duo — Configure the required Cisco Duo credentials

Cisco Secure Endpoint — Configure the required Cisco Secure Endpoint credentials

Cisco Umbrella — Configure the required Cisco Umbrella credentials

Crowdstrike Falcon — Configure the required Crowdstrike Falcon credentials

Cylance — Configure the required Cylance credentials

Defender ATP — Configure the required Defender ATP credentials

Google Workspace — Configure the required Google Workspace credentials

Microsoft 365 — Configure Microsoft 365 monitoring

Microsoft Azure — Configure Azure monitoring

Mimecast — Configure the required Mimecast credentials

Okta — Configure an Okta API Token

Proofpoint TAP — Configure the required Proofpoint TAP credentials

Salesforce — Configure the required Salesforce credentials

SentinelOne — Configure the required SentinelOne credentials

Sophos — Configure the required Sophos credentials

Webroot — Configure the required Webroot credentials

Arctic Wolf Agent

Arctic Wolf Agent Installation Guide

Arctic Wolf Agent Vulnerability Debug Scans

Arctic Wolf Agent FAQ

Log Search

Log Search User Guide

Log Search Query Guide

ConnectWise Integration

Configuring a ConnectWise Integration

Service Assurance

Arctic Wolf Service Assurance Claims Guide