Splunk Integration

Rezonate's Splunk integration enables your team to receive timely alerts and information, and to execute workflows and analysis based on them in Splunk.

Last updated 1 year ago

This integration ensures that your team stays informed about important changes and potential security risks & threats within your environment, enhancing your organization's identity protection capabilities.

Configuring Splunk HTTP Event Collector

For the integration, you will need an HTTP Event Collector configured in Splunk. Information regarding the process can be found in the Splunk documentation. After performing the steps described there, keep note of the Webhook URL and Authorization Token.

Adding integration in Rezonate

To enable this integration, click the settings button in the top right corner of the application. In the settings, select Accounts & Integrations, and then pick External Integrations.

Click on New Integration and select Splunk.

Fill out the form as follows:

| Property | Value |
|---|---|
| Name | Select your integration name. |
| URL | If you are using Splunk Cloud, please write: https://http-inputs-{$SPLUNK_TENANT_NAME}.splunkcloud.com/services/collector/raw (you can extract your SPLUNK_TENANT_NAME from the URL used to access the application, https://mydomain.splunkcloud.com, where it is the "mydomain" part). If you are using self-managed Splunk, please write: https://{$SPLUNK_DOMAIN}:{$SPLUNK_HEC_PORT}/services/collector/raw |
| Authorization Token | Please enter the Secret Token you received from Splunk during the creation process. |

Note that before saving the integration, you can click on Test Integration, which will send an example message to that channel.

That's it! Now you can send Notifications and Alerts from any part of the platform to Splunk.

Splunk integration screen, Rezonate Platform.
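A pre-flight check for the URL and Authorization Token described above, as an added example that is not part of Rezonate's or Splunk's documentation: it derives SPLUNK_TENANT_NAME from the Splunk Cloud access URL, builds both URL forms, and prepares a test request without sending it. The function names, hostnames and token value are constructed for illustration, and the check assumes the token is GUID-shaped.

```python
import json
import re
import ssl
import urllib.request
from urllib.parse import urlsplit

HEC_RAW_PATH = "/services/collector/raw"
# Assumption: the HEC token is a GUID (8-4-4-4-12 hex digits).
TOKEN_RE = re.compile(r"^[0-9a-fA-F]{8}(-[0-9a-fA-F]{4}){3}-[0-9a-fA-F]{12}$")

def tenant_from_access_url(access_url):
    """Return SPLUNK_TENANT_NAME from https://<tenant>.splunkcloud.com."""
    parts = urlsplit(access_url)
    host = (parts.hostname or "").lower()
    if parts.scheme != "https" or not host.endswith(".splunkcloud.com"):
        raise ValueError("expected an https://<tenant>.splunkcloud.com URL")
    tenant = host[: -len(".splunkcloud.com")]
    if not re.fullmatch(r"[a-z0-9-]+", tenant):
        raise ValueError("unexpected tenant label: %r" % tenant)
    return tenant

def cloud_hec_url(access_url):
    """URL form for Splunk Cloud."""
    return "https://http-inputs-%s.splunkcloud.com%s" % (
        tenant_from_access_url(access_url), HEC_RAW_PATH)

def self_managed_hec_url(domain, port):
    """URL form for self-managed Splunk; always https."""
    if not re.fullmatch(r"[A-Za-z0-9.-]+", domain) or not 0 < int(port) < 65536:
        raise ValueError("bad domain or port")
    return "https://%s:%d%s" % (domain, int(port), HEC_RAW_PATH)

def build_probe(hec_url, token):
    """Build (but do not send) a test POST for the HEC raw endpoint."""
    if not TOKEN_RE.match(token):
        raise ValueError("token is not GUID-shaped; check for stray whitespace")
    # HEC authenticates with an "Authorization: Splunk <token>" header.
    return urllib.request.Request(
        hec_url, data=b"rezonate-preflight-test", method="POST",
        headers={"Authorization": "Splunk " + token})

def send_probe(request, timeout=10):
    """Send the probe with certificate verification on; return the JSON reply."""
    with urllib.request.urlopen(request, timeout=timeout,
                                context=ssl.create_default_context()) as resp:
        return json.loads(resp.read().decode())
```

Call `send_probe(build_probe(url, token))` from a host that can reach the collector; a certificate or authorization error here means the same values would fail in the Rezonate form.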