SIEM Integration with Splunk
Pre-requisites
To begin integrating Enpass with Splunk, ensure that you have configured HTTP Event Collector (Splunk Documentation) and its following details:
- HTTP Event Collector
- Port
- Path
- Token
Configure Enpass Admin Console to Send Event Logs to Splunk
- Log in to Enpass Admin Console
- Go to Settings > Event Logs.
- Go to Configure button under SIEM Integration Section.
- Select Splunk and Continue.
- Enter the previously generated Host, Port, Path and Token.
- Now Click Verify & Save.