Perimeters
  • ✨Getting Started
    • Overview
    • Quick Start
      • First Login
      • Connecting things up
        • Prioritize IdP Integration
        • Integrating Response & Automation Applications
        • Following Compliances
      • Extend your Coverage
        • Integrate Additional SaaS Services
        • Integrate Supported Shadow Applications
        • Close Some Issues
      • First Use
    • Making the most of Perimeters
  • 🚪Perimeters Portal
    • Dashboard
      • Use Cases
    • Inventory
      • Applications
      • Users
      • Shadow Applications
    • Rules
      • Use Case Issues
    • Threats
      • Rules
      • Event Activity
    • Compliance
      • Single Framework
    • Settings
      • Domain Management
      • Report
    • Account Settings
  • 🪢Connecting Perimeters
    • General Instructions
    • SaaS Applications
      • Atlassian Guard (Previously Access)
      • Bitbucket
      • BambooHR
      • Cisco Duo
      • Confluence
      • Datadog
      • DocuSign
      • Dropbox
      • EntraID
      • GitHub
      • Gitlab
      • Google Workspace (G Suite)
      • Hubspot
      • Intune
      • Jira Software
      • Microsoft 365
      • Monday
      • MongoDB (Atlas Mongo)
      • Okta
      • Sentry
      • OneLogin
      • OpenAI
      • Salesforce
      • ServiceNow
      • SharePoint
      • Slack
      • Teams
      • Trello
      • Zendesk
      • Zoom
    • Response & Automation
      • custom Email
      • eMail
      • Jira Software
      • Slack
      • Webhook
      • Splunk
      • Zendesk
  • Release Notes
    • June 2024
  • Additional
    • Glossary
    • FAQ
    • Support
Powered by GitBook
On this page
  • Introduction
  • Prerequisites
  • Integrating Splunk in your account
  1. Connecting Perimeters
  2. Response & Automation

Splunk

Splunk Integration Guide

Introduction

Splunk action will allow you to send detailed data to be used in SOC when the action will be called.

Prerequisites

Splunk Cloud Or Splunk Enterprise Account user with Admin access.

To Generate API key:

1. Go to your Splunk instance -> Click Settings -> Data Inputs.

2. Click HTTP Event Collector.

Note: Make Sure Indexer acknowledgment on the token is disabled.

Note: If required, whitelist perimeters IP - 52.45.176.119

Integrating Splunk in your account

Log in to your Perimeters account and navigate to the "Integrations" section. Select "Splunk" from the list of available integrations and click on “Add Application”

  1. "Account Type" -

Select the account type from Dropdown - Either ENTERPRISE OR CLOUD. Splunk Cloud is a great option for those who prefer a managed cloud solution, while Splunk Enterprise is better suited for organizations that need to tailor the platform to their specific requirements.

  1. "HOST" -

<host> is the Splunk Cloud Platform instance that runs HTTP Event Collector

  1. "PORT" -

Enter the appropriate Port.

  1. "API KEY" -

Copy the API key generated from Splunk as mentioned under Prerequisites.

  1. Click Finish button to complete the integration process.

PreviousWebhookNextZendesk

Last updated 5 months ago

🪢