SIEM
Splunk
Forward session recordings and audit logs to Splunk for security analysis and compliance.
Overview
Splunk is the leading platform for security information and event management. OnePAM integrates with Splunk to forward all access events, session recordings, and audit logs. This lets security teams correlate infrastructure access with other security events for threat detection and compliance reporting.
Key Features
HTTP Event Collector (HEC) integration
Real-time event streaming
Session recording metadata forwarding
Access granted/denied events
User authentication events
Policy violation alerts
Custom field mapping
Splunk Enterprise and Cloud support
Use Cases
Centralize access logs for SOC teams
Correlate access events with security incidents
Generate compliance reports from access data
Detect anomalous access patterns
How It Works
1. Create HEC Token: Configure HTTP Event Collector in Splunk with a new token.
2. Configure Forwarding: Enter Splunk HEC URL and token in OnePAM settings.
3. Search Events: Access events appear in Splunk for search and dashboards.