SIEM Integration with Splunk

Pre-requisites

To begin integrating Enpass with Splunk, ensure that you have configured HTTP Event Collector (Splunk Documentation) and its following details:

  • HTTP Event Collector
  • Port
  • Path
  • Token

Configure Enpass Admin Console to Send Event Logs to Splunk

  1. Log in to Enpass Admin Console
  2. Go to Settings > Event Logs.
    Console to Send Event Logs to Splunk
  3. Go to Configure button under SIEM Integration Section.
    Configure button under SIEM Integration Section2
  4. Select Splunk and Continue.
    Select Splunk and Continue
  5. Enter the previously generated Host, Port, Path and Token.
    previously generated Host Port Path and Token4
  6. Now Click Verify & Save.

 


Related topics