Splunk Integration
Rezonate's Splunk integration enables your team to receive timely alerts and information to and execute workflows and analysis based on them in Splunk.
Last updated
Rezonate's Splunk integration enables your team to receive timely alerts and information to and execute workflows and analysis based on them in Splunk.
Last updated
This integration ensures that your team stays informed about important changes and potential security risks & threats within your environment, enhancing your organization's identity protection capabilities.
For the integration, you will need an HTTP Event collector configured in Splunk. information regarding the process can be found on Splunk documentation. After performing the steps as described in their documentation, please keep note of the Webhook URL and Authorization Token.
To enable this integration, click the setting button on the top right corner of the application. In the settings, select Accounts & Integrations, and then pick External Integrations.
Click on New Integration and select Splunk.
Fill out the form as follows:
Property
Value
Name
Select your integration name.
URL
If you are using Splunk Cloud please write:
You can extract your Splunk SPLUNK_TENANT_NAME from the Url being used to access the application https://mydomain.splunkcloud.com (the bold part)
If you are using Self-managed Splunk please write:
Authorization Token
Please write down the Secret Token you received from Splunk during the creation process.
Note that before saving the integration, you can click on Test Integration which will send an example message to that channel.
Thats it! now you can send Notifications and Alerts from any part of the platform to Splunk.