Getting started with Kaseya SIEM

This article describes the initial experience of accessing Kaseya SIEM, including activation, sign‑in, tenant linking (synchronization), and basic readiness validation.

It focuses on helping you:

  • Confirm that you can sign in successfully

  • Understand how your account and tenant are created or linked

  • Verify that Kaseya SIEM is accessible at a basic level

This guide focuses on access and readiness. It does not cover investigation workflows, detection logic, or response configuration.

When the setup flow appears

The onboarding prompts described in this article typically appear the first time you activate or access Kaseya SIEM using your activation email.

Once setup is complete:

  • You are not prompted to repeat these questions on subsequent logins

  • You access SIEM directly using your credentials

How onboarding works

During setup, Kaseya SIEM guides you through decisions that determine whether Kaseya SIEM:

  • Links (synchronizes) to an existing Kaseya tenant you already use, or

  • Creates a new, separate tenant for Kaseya SIEM

This process supports both:

  • First-time Kaseya users

  • Users who already use Kaseya products such as Kaseya MDR or SaaS Alerts

The setup flow ensures that SIEM is correctly associated with your environment and avoids creating duplicate or misaligned tenants.

How KaseyaOne fits into setup

KaseyaOne is the central access and identity platform for Kaseya products, including Kaseya SIEM.

Depending on your setup path and environment, you may encounter KaseyaOne during sign‑in or account setup.

  • If your account and authentication have not yet been configured, you will receive a KaseyaOne activation email as part of onboarding. This email is used to set up your account credentials and authentication methods. Follow the steps described in Step 6 to complete KaseyaOne account activation.

  • If you are linking Kaseya SIEM to an existing product, you typically sign in using that product’s authentication flow. In this case, KaseyaOne setup steps do not appear during onboarding if your account and authentication are already configured.

After setup is complete, KaseyaOne can be used to access Kaseya SIEM and manage your account.

Before you begin

You will need:

  • Access to the activation email for Kaseya SIEM

  • If you plan to link to an existing tenant: credentials for the product tenant you want to link to (for example, Kaseya MDR or SaaS Alerts)

Depending on your environment, you may receive more than one activation email, such as a Kaseya SIEM activation email and a KaseyaOne activation email.

These emails are used to establish access to the platform and associated services. The steps shown in this article guide you through the setup flow regardless of which email you use to begin.

NOTE  Some linking flows require permission from an administrator on the existing tenant.

Step 1: Start setup from the activation link

  1. Open the product activation or onboarding email.

  2. Select the activation link.

After selecting the link, the setup flow begins.

Step 2: Choose whether you already use Kaseya MDR or SaaS Alerts

A decision screen is displayed asking whether you already use Kaseya MDR or SaaS Alerts.

Select one of the following:

  • Yes, I have one of these: Select this option if you already use Kaseya MDR, SaaS Alerts, or both. You will be prompted to identify those products and choose whether to link Kaseya SIEM to that existing tenant or not.

  • No, this is my first Kaseya product: Select this option if you do not already use Kaseya products. You will continue through the setup flow to create a new account and tenant, skipping product selection and tenant linking steps.

Select Continue.

The next steps depend on your selection:

  • If you selected Yes, continue with Step 3.

  • If you selected No, continue with Step 2A.

Step 2A: Create your account

If you selected No, this is my first Kaseya product, you are guided through account creation.

  1. Select a sign-in method: A screen appears asking you to choose how to create your account.

  2. Select one of the available options:

    • Sign up with Google

    • Sign up with Microsoft

    • Sign up with email

  3. Enter account details: If you select Sign up with email, an account creation form appears.

  4. Enter the required information, including:

    • Full name

    • Password

    • Telephone number

    Select Create Account to continue.

  5. Sign in to your account: After your account is created, you are prompted to sign in.

    Enter your credentials and select Log in.

After signing in, continue with Step 6 to complete the KaseyaOne account activation.

Step 3 (Yes path): Select which products you already use

If you selected Yes, I have one of these, a product selection screen is displayed.

  1. Select the products you already use (for example, Kaseya MDR, SaaS Alerts, or both).

  2. Select Continue.

Step 4 (Yes path): Choose how to configure Kaseya SIEM

A configuration screen is displayed.

Decide whether to link Kaseya SIEM to your existing tenant.

Option A: Yes, link to my existing tenant (recommended)

Select Yes, link to my existing tenant (recommended), then select Continue.

This option links (synchronizes) Kaseya SIEM to your existing tenant.

  • If you selected only one product in Step 3, you are directed to that product’s sign-in flow

  • If you selected multiple products, you will see a tenant selection drop-down menu that lets you choose which tenant to link to before you proceed.

Option B: No, keep them separate (create a new SIEM tenant)

Select No, keep them separate.

When you choose this option, an acknowledgement checkbox is displayed confirming that the new tenant will not be linked.

  1. Select the acknowledgement checkbox.

  2. Select Continue to proceed to tenant creation.

The remaining steps depend on your selection:

  • If you chose to link to an existing tenant, continue with Step 5A.

  • If you chose to keep environments separate, continue with Step 5B.

Step 5A (Yes path > link to existing tenant): Sign in and authorize linking

This section describes the experience after selecting Yes, link to my existing tenant.

1. Sign in prompt

A sign-in prompt appears requesting access to your existing tenant.

Select Sign in to. . . to continue.

2. Product sign-in page (example: MDR sign-in)

You are redirected to the product sign-in page.

Sign in using one of the available methods (for example, email/password or a supported single sign-on option).

After you sign in successfully, you return to the Kaseya SIEM linking flow.

3. Authorize access (example: SaaS Alerts authorization)

A permissions screen will appear requesting access to your existing tenant.

The screen summarizes what Kaseya SIEM will be able to do, such as:

  • Attaching Kaseya SIEM to your existing tenant

  • Granting admin access to existing administrators

Review the information and select Allow & continue.

After authorization, a progress screen will appear while Kaseya SIEM is linked to your tenant. This process completes automatically. No action is required.

4. Linking confirmation

After the linking process completes, a confirmation screen appears.

This screen confirms that Kaseya SIEM has been linked to your tenant and indicates that users, roles, and structure will sync shortly.

Select Continue.

5. Final summary

A final screen confirms that linking is complete and that data synchronization has started.

This screen may include notes such as:

  • You can use your existing product credentials to access Kaseya SIEM (single sign-on)

  • Users, roles, and other data begin syncing in the background. This process may take a few minutes depending on the environment.

Select Log in to Kaseya SIEM.

Step 5B (No path > keep separate): Create a new SIEM tenant

If you selected No, keep them separate, you are taken to a tenant creation form.

  1. In Basic Information, enter required company and domain details (and any required address/location fields shown).

  2. In Administrator Information, choose a sign-in method (for example, Google, Microsoft, or email).

  3. Select Next and complete the remaining steps (Terms of Service and Success screens).

Step 6: Complete KaseyaOne account activation

KaseyaOne is used to manage authentication and access across Kaseya products. During this step, you complete account security setup, including password creation and multi‑factor authentication (MFA).

  1. Account activation: Open the KaseyaOne activation email and select Activate your account.

  2. Set your password: After selecting the link, the Set Password screen opens. Enter a password and confirm it using the required fields.

  3. Sign in: After setting your password, you are prompted to sign in using your newly created credentials.

  4. Set up multi‑factor authentication (MFA):

    • Select Get Started.

    • Scan the QR code using an authentication app.

    • Enter the generated code

    • Select Next.

    After completing setup, the system confirms that your authentication method is configured.

    You may optionally select Set Up MFA With KaseyaOne App to enable push notifications, or select Skip to continue.

  5. Review KaseyaOne overview: An onboarding screen introduces KaseyaOne and may describe capabilities such as:

    • Unified login

    • Organization dashboards

    • Support visibility

    • Subscription and billing management

    Select Next.

  6. Choose setup ownership: You are prompted to determine how KaseyaOne setup will be handled:

    • I will set up KaseyaOne myself

    • I need to invite somebody else to set up KaseyaOne

    Make your selection and continue.

  7. Access the dashboard: After onboarding, the KaseyaOne dashboard loads. The dashboard may include:

    • Navigation (Home, Automations, Organizations, Kaseya Store)

    • Setup tasks and configuration options

    • Identity and access configuration cards

    • An insights panel showing setup progress

  8. Open Kaseya SIEM: Scroll to the My Modules section. This section lists the products available to your account, including Kaseya SIEM.

    Select Kaseya SIEM to open it. You will be able to access Kaseya SIEM from here if preferred.

NOTE  Modules may not appear if permissions are not assigned or Unified Login is not configured.

Step 7: Perform a readiness check

After you sign in, confirm the following:

  • Confirm sign-in: You can access Kaseya SIEM without being redirected back to activation.

  • Confirm interface access: Primary navigation and core pages load successfully.

  • Confirm data status: If you linked to an existing tenant:

    • Allow time for synchronization to complete

    • Some data may not appear immediately

    If no data is visible, this may be expected depending on connected sources and configuration.

    If data sources are already connected, you may see alerts, activity, or investigation context indicating that data is flowing.

After your first sign-in, Kaseya SIEM displays self-guided onboarding prompts within the product. These prompts help you understand the interface and complete initial setup tasks such as reviewing the dashboard, configuring organizations, and enabling data sources.

Follow the on-screen guidance to continue setup.

Troubleshooting (first-time access)

I clicked the activation link but don’t see the onboarding screens

  • Try opening the link in a private/incognito browser window.

  • Confirm you are using the intended email address for the tenant you want to access.

I chose “Link to my existing tenant” but cannot proceed

The linking flow may require permission from an administrator on the existing tenant.

I selected multiple products and I’m not sure which tenant to choose

Use the tenant drop-down menu to select the tenant you want Kaseya SIEM linked to.

I created a new tenant by mistake

  • If you selected No, keep them separate, a separate tenant was created.

  • Restart the onboarding flow and choose the linking option if your goal is a single tenant experience.

Key takeaway

Getting started with Kaseya SIEM is about confirming three things:

  • You can access the platform successfully.

  • You either linked (synchronized) to an existing tenant or created a new tenant intentionally.

  • SIEM is ready for use at a basic level (including synchronization progress, if applicable).

Next steps

Once initial activation is complete, proceed to: